The  FGG  speaks  Commission  finally  issues  new  regulations 
for  competition  between  telephone  companies,  ISPs.  PAGE  10. 


Worm  warfare  A  week  after  Blaster  hits,  a  slew  of 

new  worms  take  their  toll  on  Windows  networks.  PAGE  14. 
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Internet 

.  The  Internet 

danger  zone 

Reports  of  hackers,  crackers,  script  kiddies  and  cyber¬ 
terrorists  are  everywhere.  But  how  dangerous  is  the  Internet 
really?  We  took  a  two-week  slice  of  Internet  activity  from 
several  vantage  points  to  ascertain  where  attacks  are 
coming  from,  how  hackers  are  looking  to  get  into  corporate 
networks  and  what  they’re  after. 

Who's  that  knocking  at  the  network  door? 

Tel  Aviv  University’s  10,000-node  network  was  scanned 
for  open  ports  96,000  times  in  two  weeks  from  machines 
in  99  countries. This  could  just  as  easily  have  happened 
to  your  network.  Page  49. 

What  do  they  want?  -Jr 

A  review  of  security  alerts  generated  at  a  regional  ISP 
shows  that  hackers  aim  to  use  compromised  machines 
as  spam  relays,  to  store  illicit  files  and  to  launch  future 
attacks.  Page  50. 

The  R0I  of  network  security 

Strategies  for  calculating  the  bottom-line  benefit  of  not 
getting  hacked.  Page  54. 

Online  action  at  www.nwfusion.com: 

Headed  for  your  ports 

A  snapshot  of  the  top  ports  to  watch  on  your  firewall. 

DocFinder:  7336. 

Hacker  worldwide  hot  spots  S 

Country-by-country  breakdown  of  hacker  activity. 

DocFinder:  7337. 


Portability  near 
for  wireless  set 


■  BY  DENISE  PAPPALARDO 

Customers  want  it  and  the  FCC 
says  they  soon  can  have  it,  but 
wireless  number  portability  won’t 
be  without  its  hassles. 

The  FCC  has  given  wireless  car¬ 
riers  until  Nov.  24  —  just  in  time 
for  Thanksgiving  —  to  let  cus¬ 
tomers  switch  providers  without 
giving  up  the  numbers  they  hold 
so  dear. 

But  carriers  continue  to  fight 
the  seemingly  inevitable,  seeking 
the  commissions  permission  to 
charge  more  fees  to  cover  the 
cost  of  infrastructure  upgrades 
and  looking  to  impose  further  re¬ 
strictions  on  customers.  The  FCC, 
which  has  granted  carriers  three 
deadline  extensions  in  recent 
years  to  let  them  better  prepare 
for  wireless  number  portability, 


says  it  plans  to  make  this  dead¬ 
line  stick  and  settle  the  ongoing 
debate  well  in  advance  of  Nov. 24. 

For  their  part,  many  customers 
are  ready  to  see  what’s  on  the 
other  side  of  the  fence  (see 
graphic,  right).  Some  say  they 
hope  to  strike  better  deals;  others, 
such  as  Intrust  Bank,  are  looking 
for  improved  customer  service. 

“[Wireless  number  portability] 
is  a  tremendous  opportunity  for 
business  users,”  says  E.  Patrick 
Rooney,  assistant  vice  president 
of  operations  at  Intrust,  a  large 
chain  of  banks  in  the  Midwest.“It 
is  a  huge  administrative  and  cus¬ 
tomer  relations  problem  if  you 
have  to  change  phone  numbers 
because  you’ve  changed  your 
wireless  carriers.” 

Jeff  Maszal,  principal  at  The 
See  Wireless,  page  72 


Will  they  stay  or  will 
they  go? 

Customers  are  split  over 
whether  they  will  exploit 
wireless  number  port¬ 
ability,  according  to  a 


recent  survey  of  100  com¬ 
panies  with  more  than  500 
employees. 


Foundry  readying 
WLAN  assault 


User  group’s 
demise  is 
sign  of  times 


■  BY  PHIL  HOCHMUTH 

Foundry  Networks  plans  to  go 
beyond  its  copper/fiber  roots 
next  month  when  it  launches 
enterprise  wireless  LAN  access 
points,  supporting  several  802.11 
flavors  with  features  such  as 
Power  over  Ethernet  and  802. lx 
security. 

The  company  —  known  more 
for  pushing  big  bandwidth  over 


■  Read  about 
Baylor  Univer¬ 
sity's  experience 
implementing 
security  across 
its  wireless  net. 
See  page  16. 


fiber  and 
copper  —  re¬ 
portedly  also 
will  offer  soft¬ 
ware  up¬ 

grades  for  its 
existing  LAN 

equipment  that  will  add  WLAN 
switching  capabilities,  such  as 
access  point  management  and 
control. 

See  Foundry,  page  70 


■  BY  LINDA  LEUNG 

The  closing  earlier  this  month 
of  the  55-year-old  Communica¬ 
tions  Managers  Association,  om 
of  the  most  influential  organ 
tions  for  network  executives 
ing  the  industry’s  rise,  po1 
the  fading  relevancy  o> 
groups. 

CMAs  demise  comes  <■ 

See  CMA,  p  ’ 
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Introducing  Microsoft  Windows  Server  2003.  Do  more  with  less. 

You're  being  asked  to  do  more.  You’re  being  asked  to  do  it  with  less.  Microsoft"  Windows  Server  2003  is  designed  to 
help  you  manage  these  opposing  forces  with  powerful  server  consolidation  capabilities  that  increase  efficiency,  decrease 
man-hours,  and  lower  your  total  cost  of  ownership.  Download  your  free  evaluation  copy  of  Windows  Server  2003 
at  microsoft.com/windowsserver2003  Software  for  the  Agile  Business. 

Information  Resources.  Inc.  (IRI)  manages  over  122  terabytes  of  data  to  provide  consumer  behavior  insights,  advanced  analytics,  and 
decision  analysis  tools  for  some  of  the  largest  consumer  packaged  goods,  healthcare,  retail,  and  financial  companies  in  the  world.  To  meet 
increasing  demand  for  faster,  more  granular  business  intelligence  while  reducing  costs,  IRI  is  using  64-bit  editions  of  Windows  Server 
2003  and  SQL  Server'  2000  on  an  Intel  Itanium  2  system  to  deliver  faster  answers  to  its  customers.  The  result?  IRI  will  be  able  to  process 
more  queries,  using  a  fraction  of  the  number  of  servers  while  realizing  significant  cost  savings  and  improving  customer  service. 
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Elmer  won  second  place 
in  a  gardening  contest. 

He  got  a  bag  of  seeds  and  a 
backyard  full  of  plastic  flamingos. 
You're  flying  high  now  Elmer. 


Nothing  beats  number  one. 


RETINA®  The  #1  Rated  Network  Security  Scanner 

Superior  Vulnerability  Assessment  &  Remediation 

Would  you  trust  the  security  of  your  network  to  anyone  but  the  industry  leader?  Introducing 
Retina,  the  industry's  #1  rated  vulnerability  assessment  solution  from  eEye  Digital  Security. 
Retina  uses  non-intrusive  tests  to  assess  your  network,  accurately  identify  weakness  and 
provide  comprehensive  detail  to  enable  complete  remediation.  Take  control  of  your  network 
and  let  Retina  simplify  your  risk-reduction  process.  Because  nothing  beats  number  one. 

Download  RETINA  Trial  Version  &  Receive  a  FREE  COFFEE  MUG* 

Visit:  www.eeye.com/freemug 
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Inollltn  Internet  security 

The  Internet  Danger  Zone:  How  dangerous  is  Lhn  Inlornol  these  days?  Our  two-woek  slice  of  InlnriiqL.actiyilv  •  :?  7 

shows  whore  attacks  arc  coming  from,  how  hackers  are  looking  to  got  into  corporate  networks  and  what  they  re  after  once,  they're  in.  Page  48. 

Who’s  that  knocking  at  the  network  door?  Tel  Aviv  University's  10,000-node  network  was  scanned  for  open  ports  96,00.0  times 
in  two  weeks  from  locations  in  99  countries,  Of  those,  85,000  scans  resulted  in  hankers  subsequently  coming  back  and  attempting  to  wreak  some 
havoc.  Because  most  were  random  IP  address  scans,  could  this  just  as  easily  have  boon  your  network.  Page  49. 
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What  do  they  want?  With  Internet  security  alerts  tripling  since  January,  sorting  the  Internet  background  noise  from  the  potentially  dangerous 
hacker  probes  and  prods  on  tho  Ohio  regional  ISP  wo  tracked  lor  two  weeks  was  not  an  easy  job.  But  in  the  end  wo  found  that  hackers  generally  are . 

looking  to  hit  machines  that  they  can  then  use  as  spam  relays,  to  store  illicit  files  and  to  control  in  order  to  launch  future  attacks.  Page  50. 
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The  ROI  Of  network  security  Putting  an  ROI  number  on  products  that  prevent  a  hack  attack.  Page  54. 
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Wireless  revolution?  Hah! 

Senior  Editor  John  Cox  analyzes  a  recent  spate  of  reports  on  the  wireless 
market  and  concludes  there  will  be  no  wireless  revolution. 

DocFinder:  7433 

Customer  service?  Not  exactly 


Compendium 

Monitoring  e-mail  use  in  the  name  of  science 
Fusion  Executive  Editor  Adam  Gaffin  points  you  toward  an  inter¬ 
esting  paper  that  attempts  to  gauge  the  impact  of  answering 
e-mail  on  worker  productivity.  DocFinder:  7435 


Senior  Editor  Denise  Pappalardo  has  a  rough  time  with  AT&T  Wireless 
—  and  winds  up  taking  her  business  elsewhere. 

DocFinder:  7434 

Seminars  and  events 

The  New  Data  Center:  Powering  the  Enterprise 

The  data  center  is  the  driving  force  of  the  enterprise,  rising  to  take  con¬ 
trol  through  consolidation  and  virtualization,  automation  and  efficiency.  If 
your  data  center  isn't  fully  metered,  accountable  and  effective,  don't  miss 
this  Network  World  Technology  Tour  event.  The  event  is  free  to  qualified 
professionals. 

DocFinder:  6646 
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Preventing  wireless  snooping 

The  Wizards  help  Alex  from  Pittsburgh  prevent 

eavesdropping.  DocFinder:  7436 
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eCommute,  interrupted 

Net.Worker  Managing  Editor  Toni  Kistner  wonders  if  the 
Global  Environmental  and  Technology  Foundation  can  get  the 
Federal  telework  pilot  on  track  before  time  runs  out. 

DocFinder:  7437 
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Forming  a  NetWare  exit  strategy 

Columnist  James  Gaskin  says  you  might  not  need  one.  Then 

again,  you  might.  DocFinder:  7438 
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The  patch  king 

■  Seems  like  every  week  brings  some  new  Microsoft  patches.  Last 
week  was  no  different.The  company  released  a  patch  for  a  number 
of  flaws  in  its  Internet  Explorer  Web  browser,  including  two  it  rated 
critical  for  some  versions  of  the  browser,  which  could  let  an  attack¬ 
er  take  control  of  a  user’s  computer.  It  also  released  a  patch  for  a 
flaw,  rated  important,  in  the  Microsoft  Data  Access  Components 
(MDAC)  element  of  Windows.  The  critical  flaws  affect  Internet 
Explorer  versions  5.01,5.5,6.0  and  6.0  SP1  (6.0  with  Service  Pack  1 
installed),  and  could  let  an  attacker  run  arbitrary  code  on  a  user’s 
system  if  the  user  visited  a  Web  site  or  read  an 
e-mail  message  in  HTML  designed  to  exploit  the  flaw,  Microsoft 
said.  Microsoft  urged  systems  administrators  to  install  the  patch, 
described  in  Microsoft  Security  Bulletin  MS03-032  (www.nw 
fusion.com,  DocFinder:  7357).  The  patch  brings  together  all  previ¬ 
ously  released  fixes  for  the  affected  versions  of  Internet  Explorer.  In 
a  separate  security  bulletin,  MS03-033  (DocFinder:  7358)  the  com¬ 
pany  warned  of  an  important  vulnerability  its  second-highest  dan¬ 
ger  rating,  in  the  MDAC  element  of  Windows.  The  flaw  in  MDAC 
could  let  an  attacker  run  arbitrary  code  on  a  vulnerable  system  — 
but  to  do  so, he  would  need  to  set  up  a  fake  SQLServer  on  the  same 
subnet  as  the  target  system,  Microsoft  said.  It  encouraged  customers 
to  install  the  patch,  which  also  includes  a  fix  for  an  earlier  vulnera¬ 
bility,  reported  in  security  bulletin  MS02-040. 

The  patch  king  (runner-up) 

■  Trying  to  keep  up  with  Microsoft  in  terms  of  security  flaws  discovered  on  a  weekly  basis, 
Oracle  last  week  warned  customers  about  security  holes  in  versions  of  its  Oracle  9i 
Database  Server.The  company  released  a  software  patch  and  Security  Alert  to  fix  “a  set”of 
buffer  overflows  in  the  XML  Database  component  of  Oracle9i.  The  XML  Database  lets 
Oracle  customers  have  queries  to  the  Oracle  database  returned  in  XML  format. The  vul¬ 
nerability  affects  Oracle  9i  Database  Server  Release  2. Customers  running  Release  1  or  ear¬ 
lier  versions  of  the  9i  Database  Server  are  not  affected,  the  company  said.  A  “knowledge¬ 
able  and  malicious” Oracle  user  could  exploit  the  vulnerability  to  launch  a  denial-of-ser- 
vice  attack  that  disrupts  the  Database  Server’s  operation  or  take  control  of  an  active  user 
session  on  the  Database  Server,  Oracle  said.  While  the  company  said  there  were  no  inter¬ 
im  workarounds  that  could  be  used  before  the  patch  is  applied,  customers  who  are  not 
using  the  XDB  features  could  disable  XDB  by  modifying  9i  Database  Server  configuration. 

Oracle  eyes  grid 

■  When  it’s  not  fixing  patches,  Oracle  said  last  week  it  would  add  grid-computing  capa¬ 
bilities  to  a  new  version  of  its  application  server  software,  part  of  a  broader  effort  to 
revamp  its  entire  product  line  around  the  utility  computing  model.  Analysts  say  the  goal 
is  worthy  but  don’t  see  customers  rushing  to  build  grids  just  yet.  Oracle  isn’t  saying  when 
it  plans  to  ship  the  upgrade  but  already  has  a  new  name  for  it:  Application  Server  lOg.Grid 
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The  Good  heBad  fhi  Ugly 


Silver  lining?  Well,  perhaps  we've  finally  found  a  way 
to  stop  spam.  This  note  came  from  a  reader  in  the  wake  of 
the  big  blackout  earlier  this  month:  "It  was  very  interesting 
to  come  into  work  on  the  West  Coast  the  night  after  the 
big  blackout  and  find  almost  no  spam  in  the  spam  filter. 

Leads  me  to  believe  most  spam  must  be  originating 
in  the  Northeast." 


All  eyes  on  HP.  HP  last  week  swung 
to  a  third-quarter  profit  and  posted  slightly 
better  revenue  than  a  year  ago,  but  the 
company  still  disappointed  Wall  Street  and  saw 
its  stock  get  whacked  by  10%  the  day  of  its 
financial  announcement.  "The  third  quarter  is 
always  tough,  but  we  still  should  have  done 
better,"  says  CEO  Carly  Fiorina,  whose  every  move 
continues  to  be  scrutinized  by  those  wondering  if 
HP's  buyout  of  Compaq  will  work  in  the  long  run. 


How  to  land  a  job.  Supreme  Court  Justice 
Antonin  Scalia  joked  with  telecom  industry  leaders  at  a 
recent  summit  in  Aspen,  Colo.,  about  how  he  got  the 
job  of  general  counsel  in  the  president's  Office  of 
Telecommunications  Policy  back  in  the  early  1970s. 
According  to  an  Associated  Press  report,  Scalia  said  he 
got  the  job  "principally  because  I  knew  absolutely  nothing 
about  telecommunications."  > 


computing  promises  to  let  businesses  treat  groups  of  servers  and  storage  equipment  as  if 
they  were  a  single  large  machine,  and  to  assign  computing  resources  to  applications  on 
an  as-needed  basis.  Proponents,  which  also  include  HP  and  IBM, say  it  will  help  business¬ 
es  save  money  by  letting  them  use  computing  resources  more  efficiently. 

E-mail  scam  warning 

■  Citibank  last  week  warned  customers  about  fake  e-mail  circulating  on  the  Internet  that 
claimed  to  be  from  the  bank  but  that  was  actually  an  attempt  to  scam  customers  into 
providing  sensitive  account  information.  The  fake  e-mail  warned  customers  that  their 
checking  accounts  could  be  blocked  if  they  didn’t  provide  confidential  information.This 
type  of  scam  —  sometimes  called  phishing  —  also  hit  Bank  of  America  recently. Citibank 
said  it’s  working  with  law  enforcement  to  track  down  the  source  of  the  fraudulent  e-mail. 

That's  fabless! 

■  Engim,a  fabless  silicon  design  start-up  that  has  designed  a  chipset  to  boost  the  capac¬ 
ity  of  wireless  LAN  access  points  by  up  to  50  times,  has  raised  $18.5  million  in  a  second 
round  of  equity  financing.The  latest  cash  infusion  came  from  Engim’s  existing  investors. 
Matrix  Partners  and  Bessemer  Venture  Partners,  plus  two  new  investors,  Benchmark 
Capital,  which  led  the  latest  round, and  Adams  Street  Partners.  First-round  funding  in  late 
2001  netted  $16  million.  Money  from  the  second-round  funding  will  be  used  to  integrate 
the  Engim  chipset  with  WLAN  access  points,  and  to  expand  the  chip  technology  into 
unnamed  new  markets  and  applications. 

A0L IM  video  4  U 

■  The  FCC  has  lifted  a  restriction  preventing  AOLTime  Warner  from  offering  streaming 
video  services  over  its  instant-messaging  software.  The  restriction  “no  longer  serves  the 
public  interest, convenience, or  necessity’ the  FCC  said. The  agency  noted  that  AOLTime 
Warner  competitors  such  as  Yahoo  and  Microsoft  have  gained  ground  in  the  instant-mes¬ 
saging  market  and  have  introduced  their  own  advanced  video  services  over  instant  mes¬ 
saging.  The  FCC  imposed  the  restriction  as  a  condition  of  AOLs  January  2001  marriage 
with  Time  Warner  because  it  feared  that  AOLs  dominance  in  text-based  messaging  com¬ 
bined  with  Time  Warner’s  cable  and  programming  assets  would  give  the  merged  compa¬ 
ny  an  unfair  advantage  in  the  advanced  instant-messaging  services  market. 


ARE  THE  SEVEN  DEADLY  INTERNET  SINS 
IMPACTING  YOUR  INFORMATION  SYSTEMS? 


Stop  backing  too lo  from 
threatening  network  security. 


Evil  lurks  all  over  the  Internet.  Keep  your  company’s 
network  secure  with  Websense  Enterprise  software. 

Root  out  hacking  tools  from  your  systems.  Block  access 
to  sites  that  promote  hacking  or  contain  malicious 
mobile  code.  And  beef  up  network  security  by 
proactively  preventing  the  launch  of  hacking  programs 
from  the  desktop.  With  its  efficient  installation  and 
seamless  integration  with  the  leading  firewalls,  proxy 
servers,  routers,  network  switches  and  caching 
appliances,  Websense  Enterprise  makes  protecting  your 
network  easier  than  ever.  So  why  not  turn  to  the 
leader  in  employee  Internet  management  to  bring  your 
company’s  anger  management  issues  under  control. 
Visit  www.websense.com  today  for  more 
information  or  to  download  a  free,  30-day  trial 
of  Websense  Enterprise. 


EMPLOYEE  INTERNET  MANAGEMENT 
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Show  to  feature  VoIP, 
voice-recognition  gear 


■  BY  PHIL  HOCHMUTH  AND  JOHN  COX 

There  are  two  things  that  always  need  improve¬ 
ment:  airline  food  and  telephone  customer  ser¬ 
vice.  To  address  the  latter  issue,  several  new  prod¬ 
ucts  are  on  tap  at  this  week’s  International  Call 
Center  Management  Conference  and  Expo  in 
Chicago. 

Products  being  rolled  out  at  the  show  aim  to 
improve  how  customer  contact  centers  operate 
using  voice  recognition  and  IP  telephony. Vendors 
say  companies  with  big  customer  service  centers 
can  cut  costs  by  voice¬ 
enabling  many  customer 
service  applications,  while 
IP  telephony  promises  a 
more  flexible  call  center 
infrastructure. 

At  the  show,  Intervoice  is 
scheduled  to  announce  its 
Omniva  Voice  Framework. 

The  vendor  says  Omniva 
could  let  a  company 
voice-enable  any  of  its 
Web  data,  which  could 
eliminate  expensive  data 
conversion  projects  that 
might  have  been  required 
to  add  speech  access  with 
proprietary  voice-recogni¬ 
tion  platforms. 

Omniva  is  an  application 
development  tool  that 
uses  VoiceXML  and 
Speech  Application  Lan¬ 
guage  Tags  (SALT)  tech¬ 
nology  to  link  Intervoice’s 
existing  voice-recognition  product  with  Web- 
based  data.  VoiceXML  and  SALT  are  developing 
Web  services  standards  used  to  enable  transac¬ 
tions  between  Web-based  applications  and  data 
stores.The  software  also  could  be  used  to  link  data 
with  other  voice  recognition  front-end  products. 

Continental  Airlines  is  one  company  that  is  sold 
on  voice  recognition.  The  airline  has  installed  a 
speech  recognition  service  based  on  technology 
from  ScanSoft  (an  Intervoice  competitor  that  also 
will  exhibit  at  the  ICCM  show). Travelers  within  the 
U.S.  can  call  a  toll-free  number  and  select  voice- 
based  information  services.  When  a  caller  presses 
the  corresponding  number,  automatic  call  distrib¬ 
utors  (ACD)  at  the  Continental  call  center  transfer 
the  call  to  the  ScanSoft  server,  which  begins  a 
voice  conversation  with  the  customer.  Customers 
can  ask  questions  on  flight  arrival  and  departures 
and  other  basic  information. 

Improved  customer  service 

Although  he  could  not  speak  to  Continental’s 
in-flight  cuisine,  Omar  Alvi,  manager  of  speech 
and  wireless  programs  for  the  airline,  says  the 
ScanSoft  technology  has 
greatly  improved  customer 
service.  Call  center  agents 
now  can  handle  more  com¬ 
plex  service  tasks,  instead  of 
just  reading  flight  data  off 


screens  to  callers. 

There  were  reservations  about  replacing  cus¬ 
tomer-facing  agents  with  a  computer,  but  the  tech¬ 
nology  has  evolved  to  the  point  where  it’s  not  a 
concern,  Alvi  says. 

“Five  or  10  years  ago,  speech  recognition  from  a 
pure  technology  standpoint  might  not  have  met 
our  customer  expectations,”  he  says.  “But  it  has 
evolved  into  a  very  powerful  tool.” 

In  the  area  of  call  center  infrastructure,  Aspect 
Communications  is  set  to  unveil  a  new  release  of  its 
core  product,  Aspect  Call  Center,  along  with  a 

repackaging  of  some  prod¬ 
ucts  for  small  to  midsize 
call  centers.  Aspect  also 
will  announce  its  Uniphi 
Solution  Suite,  an  all-IP- 
based  call  center  product. 

The  Uniphi  suite  will 
create  a  group  of  applica¬ 
tions,  management  fea¬ 
tures,  reports  and  devel¬ 
opment  tools  that  span  a 
range  of  call  technolo¬ 
gies,  including  e-mail, 
chat  and  interactive 
voice  response  tele¬ 
phone  systems.  No 
release  date  or  pricing 
has  been  set. 

Joining  hands 

3Com  and  Aspect  also 
are  announcing  a  joint 
product  development 
and  marketing  deal 

whereby  the  Uniphi  suite 
will  be  integrated  with  3Com’s  latest  large-enter- 
prise  IP  PBX  platform  —  a  repackaged  product 
from  its  carrier-class  CommWorks  softswitch  offer¬ 
ing,  which  can  scale  to  more  than  10,000  phones. 

Aspect  says  the  deal  with  3Com  ends  the  com¬ 
pany’s  own  venture  into  IP-based  PBX  and  ACD 
call  control  platforms.  Aspect  will  continue  to 
develop  and  support  its  TDM  ACDs.  Its  Uniphi 
software  also  will  work  with  Aspect’s  TDM-based 
based  switches. 

The  key  change  in  Version  9  of  Aspect  Call 
Center  is  the  new  Uniphi  Connect  card,  which  is 
plugged  into  a  slot  on  the  back  of  an  Aspect  TDM- 
based  ACD  to  connect  with  an  IP  PBX.  With  the 
card,  call  center  agents  on  public  switched  tele¬ 
phone  networks  or  IP  networks  can  use  ACD- 
based  services. 

The  Iphinity  line,  yet  another  new  offering  from 
Aspect,  is  aimed  at  call  centers  with  50  to  150 
agents.  The  Iphinity  CallCenter  and  Iphinity 
Workforce  Management  software  are  subsets 
of  the  enterprise  versions  of  these  products. 
In  both  cases,  Aspect  has  preconfigured  a  range  of 
settings  and  limited  some  options.  This  approach 
keeps  down  the  price  and 
speeds  up  deployment. 

The  CallCenter  starts  at 
$  1 99,000  for  48  agents.  Pricing 
for  Workforce  Management 
has  not  been  finalized.  ■ 


Hot  Some  key  technologes  on 
display  at  the  Internatinal 
Call  Center  Management 
Expo  will  include: 

•  Voice  recogntion 

With  features  such  as  VoiceXML 
and  Speech  Application  Language 
Tags  for  setting  up  customer  self- 
service  applications  through  speech 
commands: 

Customer:  “I'd  like  to  change  my 
hotel  reservation.” 

Speech  server:  "OK,  I  can  help 
you  with  that.” 

•  IP  telephony 

IP  voice  transport  could  extend  call 
center  applications  integrated  with 
voice  to  almost  anywhere: 
Work-from-home  agents  could  cut 
down  support  costs. 


Convergence 

Subscribe  to  our  free  newsletter. 
DocFinder  S434  www.nwfusion.com 


FCC  sets  telecom 
competition  rules 


■  BY  GRANT  GROSS 

The  FCC  last  week  released  a 
long-awaited  final  order  govern¬ 
ing  competition  among  tele¬ 
phone  companies  and  ISPs,  but 
legal  challenges  almost  certain¬ 
ly  are  on  the  way 

The  576-page  order  —  known 
as  the  triennial  review  —  is 
designed  to  set  the  rules  on 
what  parts  of  their  networks  the 
four  regional  Bell  operating 
companies  must  share  with 
competitors  at  discounted 
prices.  The  order  largely  added 
details  to  a  decision  commis¬ 
sioners  made  Feb. 

20,  when  the  FCC 
voted  to  let  the  Bells 
refuse  to  share  new 
fiber-based  broad¬ 
band  networks  with 
competitors. 

FCC  Chairman 
Michael  Powell,  who 
was  outvoted  3-2  in 
the  commission’s 
February  decision, 
cheered  the  final 
order  for  letting  the 
Bells  stop  offering 
discounted  line¬ 
sharing  services  to 
competing  ISPs  off¬ 
ering  DSL  service  to  residential 
customers. That  decision  will  let 
the  Bells  invest  in  new  broad¬ 
band  Internet  services,  includ¬ 
ing  fiber  to  homes,  he  said  in  a 
statement. 

However,  Powell  criticized  the 
commission’s  decision  to  let 
state  public  service  commis¬ 
sions  set  the  discounts  that  the 
Bells  must  offer  for  their  switch¬ 
ing  facilities.  Powell  said  the 
decision  preserves  FCC  rules 
that  have  twice  failed  in  court 
challenges  since  Congress 
passed  the  Telecommunications 
Act  of  1 996. 

“The  majority’s  switching 
decision  is  bad  law,  bad  policy 
and  ultimately  bad  for  con¬ 
sumers,”  Powell  wrote  in  his 
statement  about  the  order. 
“After  one  sorts  through  the 
legal  contortions  of  the  majori¬ 
ty’s  switching  decision  he  will 
find  an  order  remarkably  simi¬ 
lar  to  the  prior  two  fatal  deci¬ 
sions  —  one  that  preserves 
[network  sharing]  as  the 
favored  mode  of  competition." 

The  Bells  argue  they  shouldn’t 
have  to  prop  up  their  competi¬ 
tion  by  offering  parts  of  their 


phone  networks  at  discounted 
prices.  They  argue  that  competi¬ 
tors  should  have  to  build  their 
own  networks  or  pay  full  price 
to  use  the  Bells'  equipment. 

But  competitors  such  as  AT&T 
and  MCI  contend  that  without 
the  discounts  on  the  Bells’  so- 
called  unbundled  network  ele¬ 
ments  (UNE),  competition 
would  dry  up  and  the  Bells 
would  gain  regional  monopo¬ 
lies  on  phone  and  phone-line- 
based  Internet  services.  The 
Competitive  Telecommuni¬ 
cations  Association  says  it  was 
pleased  with  the  FCC’s  decision 
to  preserve  switch¬ 
ing  discounts  but 
concerned  about 
the  decision  on 
DSL. 

The  FCC’s  Febru¬ 
ary  decision  left  it 
up  to  state  public 
utility  commissions 
to  decide  whether 
the  Bells  still  should 
offer  local  phone 
switching  facilities 
to  competing  carri¬ 
ers  at  discounted 
rates  in  the  home 
and  small-business 
markets.  The  order 
lets  the  Bells  end  discounts  for 
switching  facilities  in  the  large 
business  market.  But  the  written 
order,  which  can  be  viewed  at 
www.nwfusion.com,  DocFinder: 
7356,  introduces  a  new  method 
of  deciding  when  the  Bells  must 
offer  their  UNEs  at  discounted 
prices  to  competitors. 

States  will  have  nine  months 
after  the  order  goes  into  effect 
to  decide  whether  to  require 
the  Bells  to  offer  switching  facil¬ 
ities  to  competitors  at  dis¬ 
counted  rates. 

The  FCC  order  gives  ISPs  three 
years  to  phase  out  their  use  of 
discounted  line  sharing  from 
the  RBOCs. 

FCC  critics  say  the  six-month 
delay  between  the  FCC  vote  and 
the  final  order  has  postponed 
investment  in  telecom  compa¬ 
nies  and  services.  FCC  staffers 
say  the  delay  was  unavoidable 
given  the  complexity  of  the  new 
rules  and  the  two  previous  court 
rejections  of  FCC  attempts  to 
create  the  rules. 

Gross  is  a  correspondent  with 
IDG  News  Service's  Washington , 
D.C.,  bureau. 


FCC  Chairman  Michael 
Powell  says  the  new 
regulations  will  let  the 
Bells  invest  in  advanced 
broadband  Internet 
services. 
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SCO  show  used  to  defend  fight  with  IBM 


■  BY  DENI  CONNOR 

LAS  VEGAS  —  If  SCO  users  and  resellers 
went  to  last  week’s  SCO  Forum  looking  for 
some  clarity  in  the  company’s  battle  with 
the  Linux  community  and  IBM  —  they  got 
little.  What  they  got  was  the  atmosphere  of 
a  circus  sideshow  and  yes,  some  product 
directions. 

SCO  focused  on  its  lawsuit  against  IBM, 
seeking  to  parry  criticism  of  its  actions  in 
what  many  see  as  an  attack  on  the  open 
source  community.  The  company  handed 
out  T-shirts  that  read  ‘Got  Unix  in  your 
Linux?’  SCO  played  on  the  emotions  of  its 
resellers,  who  want  to  make  money  selling 
software  and  prefaced  every  presentation 
as  to  how  things  will  be  for  SCO  users  if  the 
judge  throws  its  case  out  of  court. 

Separate  product  road  map  presentations 
highlighted  enhancements  SCO  will  make 
to  its  OpenServer  and  UnixWare  operating 
systems  as  well  as  a  new  version  of  Unix 
System  V  Release  6.  All  new  versions  of 
SCO’s  products  will  be  Web-enabled  and 
include  programs  such  as  Tomcat,  Apache 
Web  server,  Mozilla  and  Samba  support.  A 
SCOx  initiative  adds  Web  services  capabili¬ 
ties  to  the  company’s  products. 

Users  say  they  came  to  the  SCO  Forum  to 
try  to  understand  what  the  company  that 
makes  the  products  they  use  is  doing  and 
to  see  if  the  company  has  future  product 
plans.  “I  came  to  find  out  more  about  the 
lawsuit  since  a  few  customers  have 
expressed  concern  as  to  where  things 
might  go,"  says  Thomas  Madison,  CEO  and 
senior  engineer  for  Scatterpoint  Tech¬ 
nologies  Group,  an  IS  consultant  for  small 
and  midsize  businesses  in  Portland,  Ore. 

“Some  customers  are  on  the  fence  right 
now  regarding  whether  to  go  to  Windows,” 
says  Madison,  who  has  attended  SCO 
Forum  for  the  past  14  years.  “This  might 
drive  them  that  way  if  they  sense  uncer¬ 
tainty  about  the  future  of  SCO  and  its  prod¬ 
ucts,  so  1  want  to  be  able  to  reassure  them 
that  things  will  be  OK." 

“Customers  originally  called  us 
and  asked  'what’s  going  on,  we’re 
worried  about  this,”’ says  Stephen 
Kyriakos,  a  director  at  Integra 
Solutions,  a  database  consultan¬ 
cy.  “SCO  right  now  is  a  big  ques¬ 
tion  mark.  As  a  company, are  they 
going  to  be  around,  will  they  be 
smushed  by  IBM,  what  exactly  is 
going  to  happen?" 

Although  concerned  about 
SCO’s  legal  entanglement,  other 
users  and  resellers  also  wanted  to 
be  reassured  that  SCO  planned 
to  further  enhance  its  Open- 
Server  and  UnixWare  products. 

Resellers  play  an  immense  role 
in  their  customers’  networks  — 
they  fulfill  the  IS  function  for 
small  and  midsize  businesses, 
many  of  whom  do  not  have  IT 
staff  to  manage  their  networks. 


Linux  advocate  claims  SCO  evidence  flawed 


l  he  SCO  Group  is  0  for  2  in  its  efforts  to  prove  that  its 
Unix  software  was  illegally  copied  into  the  Linux  operat¬ 
ing  system,  according  to  Linux  advocate  Bruce  Perens, 
who  last  week  said  he  traced  a  second  example  of  SCO’s  dis¬ 
puted  code  and  that  it  was  lawfully  included  in  Linux. 

The  revelation  came  the  day  after  Linux  enthusiasts  claimed 
to  have  proved  that  SCO’s  first  public  example  of  copyright 
violations  in  Linux  was  illegitimate. 

SCO  revealed  the  two  snippets  of  code  during  a  keynote 
address  at  its  annual  SCO  Forum  user  conference  in  Las 
Vegas  last  week.  German  publisher  Heise  published  the  first 
snippet,  which  SCO  claimed  was  copied  line  by  line  from  Unix 
into  Linux.  The  second  example,  which  SCO  claimed  was  an 
“obfuscated”  —  or  neatly  identical  —  copy,  was  obtained 
from  SCO  by  IDG  News  Service. 

At  the  keynote,  Chris  Sontag,  SCO’s  general  manager  and 
senior  vice  president  of  SCOsource,  said  the  snippets  were 
just  two  examples  of  many  intellectual  property  violations  his 
team  found  in  the  Linux  source.  “We’ve  been  able  to  find  these 
little  needles  in  a  Mount  Everest-sized  haystack,"  he  said. 

But  these  first  two  examples  can  be  traced  to  the  open 
source  Berkeley  Software  Distribution  (BSD)  Unix,  and  not  to 
SCO’s  AT&T  Unix  source  code,  and  both  are  legitimately 
included  in  Linux,  Perens  said. 


"These  are  probably  the  best  examples  that  SCO  has  to 
show,  and  they’re  awful,”  Perens  said.  "They  would  not  stand 
up  for  a  day  in  court.” 

In  March,  SCO  sued  IBM,  claiming  that  Big  Blue  had  inap¬ 
propriately  contributed  code  to  Linux.  Since  then,  SCO  has 
widened  its  allegations  about  the  nature  of  the  improper  con¬ 
tributions  to  Linux,  and  now  maintains  that  source  code 
belonging  to  SCO  has  been  copied  line-by-line  into  the  Linux 
operating  system, 

SCO  was  countersued  by  IBM  in  early  August,  and  also  has 
been  sued  by  Red  Hat. 

“The  obfuscated  code  example  is  not  SCO’s  property," 
Perens  said.  “It  was  developed  by  the  Lawrence  Berkeley  Lab 
in  1993,  underfunding  of  the  U.S.  government. The  code  was 
added  to  SCO’s  version  of  Unix  in  1995  or  1996,  he  maintained. 
“SCO  took  [the  BSD]  source  code,  lost  the  attribution,  and 
now  believes  it’s  theirs." 

SCO  disputed  Perens’  claims.  "We’re  the  owners  of  the  Unix 
[AT &T]  System  V  code,  and  so  we  would  know  what  it  would 
look  like,"  he  said.  "Until  it  comes  to  court,  it’s  going  to  be  our 
word  against  theirs." 

Perens’  code  analysis  can  be  found  at  www.nwfusion.com, 
DocFinder:  7352. 

—  Robert  McMillan,  IDG  News  Service 


“Last  year  at  SCO  Forum  I  complained 
about  a  lack  of  features  in  OpenServer  and 
UnixWare,”  says  Boyd  Gerber,  CEO  for  SCO 
UnixWare  and  OpenServer  reseller  Zenez 
in  Midvale,  Utah. “1  came  to  SCO  Forum  to 
see  if  they  have  fixed  all  I’ve  asked  about.” 

“We  are  glad  SCO  is  not  solely  focused  on 
the  lawsuit,”  Kyriakos  says.  “They  still  have 
plans  going  forward,  they  still  are  going  to 
do  product  releases.  They  are  not  just  bet¬ 
ting  100%  on  the  lawsuit.” 

SCO  CEO  and  President  Dari  McBride 
highlighted  his  company’s  complaint 
against  IBM  for  copyright  infringement  to 


the  500  attendees  at  the  James  Bond- 
themed  SCO  Forum  2003. 

He  likened  what  SCO  is  doing  to  a  Bond 
movie.“We’re  off  fighting  for  the  right  prin¬ 
ciples  like  Bond  did, ’’McBride  said.“We  find 
ourselves  in  the  midst  of  the  battle  of  the 
century  We  are  subject  to  attack.  We’ve 
heard  people  may  picket  on  Las  Vegas 
Boulevard.  1  can  see  them  carrying  ‘SCO  to 
Hell’ signs.” 

McBride  and  Chris  Sontag,  senior  vice 
president  and  general  manager  of  the 
SCOsource  division, explained  and  exhibit¬ 
ed  publicly  for  the  first  time  scraps  of  Unix 


SCO’s  product  road  map 

SCO  promises  a  variety  of  new  features  in  its  next  versions  of  OpenServer, 
UnixWare,  SCO  Unix  9  and  Unix  System  V  Release  6. 


SCO  OpenServer 
(Project  Legend) 

SCO  UnixWare 

SCO  Unix  9 

Unix  System  V  Release  6 

Q4  2004 

Q1 2004 

Q1  2005 

Q4  2004 

•  Large  file  system 
support. 

•  Parallel  threads. 

•  Java. 

•  Samba3. 

•  Apache,  Mozilla,  SCOx 
Web  Services. 

•  32-bit  File  Allocation 
Table. 

•  New  USB,  Host  Bus 
Adapter  (HBA)  support. 

•  IPSecurity,  VPN,  PAM. 

•New  USB,  HBA  and 
network  interface 
support. 

•  IPSec,  Pluggable 
Authentication 
Modules  (PAM),  VPN. 

•Tomcat,  PHP,  Simple 
Object  Access 
Protocol  (SOAP), 

Perl,  Mozilla,  Java 
1.4.2. 

•  OpenLDAP. 

•  SCOx  Web  Services. 

•  Runs  SCO 
OpenServer, 
UnixWare,  Windows, 
Linux  Standards 

Base  binaries. 

•  64-bit  operation. 

•  SCOx  Web  Services. 

•  SVR6  compliant. 

•  Universal  Driver 
Interface. 

•  SCOx  Web  Services. 

•Windows  support. 

•  Java  2  Platform 
Enterprise  Edition, 

XML,  SOAP,  Web 

Based  Enterprise 
Management. 

•  Remote  Web 
management. 

SVR5  code  they  say  have  made  their  way 
into  Linux. 

“Has  Unix  found  its  way  into  Linux?” 
McBride  asked. “Absolutely,  it  has.” 

Interjecting  some  seriousness  into  the 
sideshow  atmosphere,  Sontag  said  the 
majority  of  the  code  they  have  cited  as 
infringing  its  Unix  SVR5  license  was  con¬ 
tributed  to  Linux  by  IBM.  He  says  the  com¬ 
pany’s  lawsuit  against  IBM  revolves  around 
the  notion  of  derivative  works  —  the  idea 
that  code  IBM  developed  from  Unix  must 
be  kept  confidential  and  not  shared  with 
others  as  IBM,  and  other  vendors  such  as 
SGI,  have  allegedly  done. 

Linux  faithful  have  proposed 
taking  out  the  infringing  code 
and  restoring  Linux  to  pre-2.4  ker¬ 
nel  shape. 

“If  there  is  infringing  code  in  the 
Linux  kernel,  our  community 
wants  no  part  of  it  and  will 
remove  it,”  says  Eric  S.  Raymond, 
an  open  source  spokesman  in  a 
memo  issued  last  week. 

McBride,  however,  said  this  is 
not  enough. 

“  [Taking  out  the  infringing  code 
is]  the  equivalent  of  taking  a  60- 
story  building  and  ripping  out  the 
middle  30  floors,"  McBride  said. 
“The  top  half  would  come  down 
and  just  magically  match  up  with 
the  bottom  half.  That’s  the  order 
of  magnitude  of  problem  we  are 
dealing  with  here  on  the  deriva¬ 
tive  works  side."  ■ 


ConsoleWorks® 

Independent  of  the  network, 
ConsoleWorks  is  connected  via 
a  serial  or  network  console  port 
to  continuously  monitor,  audit  and 
log  information  about  the  health 
of  each  network  component. 


Someone  logged  onto  your  network  at  3  a.m.  At  4  a.m.  your  most  critical  server  died. 
Coincidence?  With  ConsoleWorks®  from  TDi,  you  would  know.  You  also  would  know 
who  was  connected  to  the  device,  what  they  did  to  that  device,  what  caused  the 
failure,  and  what  was  done  to  bring  the  device  back  up.  Are  you  ready  to  brief  your 
CTO  this  morning  with  that  level  of  detail?  Using  ConsoleWorks,  you  get  a  scalable 
solution,  world-class  support,  updated  products,  enhanced  security,  aggregation,  and 
features  that  go  above  and  beyond  any  similar  product.  It's 
also  simple  to  install.  Contact  us  at  +1.800.695.1258  or  visit  us 
at  www.tditx.com/netad.  Call  us.  Know  your  devices  are  secured. 

+1.800.695.1258  I  www.tditx.com  Development 


ConsoleWorks  is  a  registered  trademark  of  TECSys  Development,  LP. 
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Worm  outbreaks  saturate  networks 


M  BY  ELLEN  MESSMER 

Last  week  went  down  as  one  of 
the  worst  computer  security 
weeks  ever,  as  a  spate  of  new 
worms  crippled  corporate  and 
government  networks  that  rely  on 
Microsoft  software. 

The  attacks,  which  came  a 


week  after  the  damaging  Blaster 
(or  LovSan)  worm  struck,  in¬ 
cluded  a  variant  on  that  intruder 
and  with  another  worm  designed 
to  save  users  from  Blaster  but 
instead  wound  up  clogging  net¬ 
works  (see  graphic). 

Meanwhile,  a  spinoff  of  the 
SoBig  mass-mailer  worm,  tricked 


Microsoft  ponders  automatic 
patching  to  boost  security 

■  n  the  wake  of  a  widespread  Internet  worm,  Microsoft  is 

■  weighing  options  to  get  more  users  to  secure  their  comput- 
I  ers,  including  automatically  applying  security  patches  to 
PCs  remotely. 

“We  are  looking  at  a  range  of  options  to  get  critical  updates 
on  more  systems,  from  finding  ways  to  encourage  more  people 
to  keep  their  systems  up  to  date  themselves  to  where  it  is  done 
automatically  by  default  for  certain  users,"  says  Matt  Pilla, 
senior  product  manager  for  Windows  at  Microsoft. 

Microsoft  does  not  plan  any  immediate  changes  to  the  way  it 
delivers  security  patches,  but  the  company  also  does  not  intend 
to  wait  until  the  release  of  its  next  operating  system  to  improve 
it,  Pilla  says. 

"This  is  a  priority  for  us.  There  are  a  lot  of  things  we  can  do 
during  the  Windows  XP  time  frame  to  help  people  make  their 
PCs  more  secure,"  he  says.  The  successor  to  XP,  code-named 
Longhorn,  is  expected  to  be  out  in  2005  or  2006. 

Microsoft  delivers  software  patches  through  its  Windows 
Update  Web  site  and  through  update  software  in  XP,  Windows 
2000  and  ME.  The  software  does  not  download  and  install 
patches  by  default,  but  asks  a  user  to  select  from  various 
options,  including  alerts  when  an  update  is  available. 

"Giving  the  user  the  ability  to  control  auto  update  is  important 
to  us,"  Pilla  says.  “One  of  the  things  we  are  working  on  is  a  bal¬ 
ance  between  keeping  systems  up-to-date  and  giving  users  the 
control  over  their  systems." 

On  July  16,  Microsoft  issued  a  critical  security  update  that 
fixes  a  serious  security  vulnerability  in  Windows.  The  company 
urged  customers  to  patch.  Many  apparently  ignored  the  warn¬ 
ing;  the  Blaster  worm  that  started  spreading  weeks  later  was 

!able  to  infect  hundreds  of  thousands  of  computers  by  taking 
advantage  of  the  vulnerability. 

Russ  Cooper,  surgeon  general  of  TruSecure  and  moderator  of 
the  discussion  list  NTBugtraq,  is  an  outspoken  critic  of 
Windows  Update.  Nevertheless,  he  is  in  favor  of  automatically 
delivering  security  updates. 

"I  think  it  is  a  great  idea,  they  should  have  done  it  ages  ago," 
he  says.  “We  will  scrutinize  the  way  they  do  it.  I  applaud  them 
for  being  willing  to  be  put  under  such  a  microscope  for  some¬ 
thing  they  believe  the  world  does  not  trust  them  to  do.” 
Microsoft  has  no  choice:  It  has  to  take  patching  in  its  own 
5  hands,  says  Rob  Enderle,  principal  analyst  at  Enderle  Group, 
f  "They  absolutely  have  to  create  a  program  where  patches  are 
applied  automatically,"  he  says. 

People  worried  about  giving  Microsoft  control  over  their  sys- 
*  terns  should  weigh  the  alternative,  Enderle  says.  “People  really 
'•  don't  want  to  give  Microsoft  access,  but  if  they  don’t,  then  the 
patches  don't  get  applied  timely.  It  is  about  relatives,  do  folks 
.  trust  Microsoft  more  than  they  trust  a  hacker?" 

—  Joris  Evers,  IDG  News  Service 


victims  into  opening  attachments 
to  so  that  it  could  grab  their 
Outlook  address  book  to  mail 
itself  again. VeriSign  reported  that 
SoBigF,  programmed  to  send  mail 
traffic  through  one  of  the  compa¬ 
ny’s  root  DNS  servers,  caused  a  20- 
fold  spike  in  traffic  between  Tues¬ 
day  and  Wednesday.  (Security 
watchers  warned  Friday,  just 
before  press  time,  that  SoBig.F 
carries  a  Trojan  it  might  use  to 
attack  an  unknown  target  later 
that  day) 

Among  those  networks  feeling 
the  pain  last  week  was  the  Navy 
Marine  Corps  Intranet  (NMCI), 
used  by  about  100,000  person¬ 
nel.  It  was  saturated  for  three 
days  with  scanning  caused  by 
Welchia,  a  worm  with  a  mission 
to  use  Blaster-like  techniques  to 
break  into  computers  to  disin¬ 
fect  machines  hit  by  Blaster 
and  then  patch  them.  Welchia 
infected  tens  of  thousands  of 
NMCI  computers. 

“It  was  pinging  away  trying  to 
grab  a  patch  from  Microsoft,"  says 
Capt.  Chris  Christopher.  “The  traf¬ 
fic  was  getting  too  heavy  and  it 
affected  network  performance.” 

NMCI  desktop  computers 
weren’t  affected,  but  network 
capacity  wasn’t  restored  in  large 
part  until  last  Thursday  The  mas¬ 
sive  cleanup  effort  involved 
patching  machines  for  the  Micro¬ 
soft  vulnerabilities  Welchia  ex- 
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Under  attack 

Four  new  worms  and  viruses  created  havoc  on  computer 
networks  last  week. 


|  Virus/worm 

Description 

Lovsan.D 

Variant  of  LovSan  (also  known  as  Blaster,  MSBIast, 
LoveSAN)  with  an  attachment  called  mspatch.exe 
instead  of  msblast.exe.This  worm  exploits  the  same 
Microsoft  remote  procedure  call  (RPC)  vulnerability; 
its  scanning  causes  network  congestion. 

Welchia 
(also 
known  as 
Nachi) 

Uses  RPC  hole  to  infect  unpatched  machines  running 
Microsoft  software  by  exploiting  the  WebDAV 
vulnerability,  with  the  intent  of  killing  Blaster  worm 
infestations  and  downloading  the  Microsoft  patch. 

But  it  causes  network  congestion  through  scanning. 

SoBig.F 

Fifth  variant  of  the  SoBig. A  worm  first  spotted  in 
January,  SoBig.F  is  a  mass  mailer  that  tricks  victims 
into  opening  attachments,  such  as  "Wicked 
Screensaver,”  then  installs  a  backdoor,  while 
grabbing  directory  addresses  to  mail  itself  to  new 
victims.  It  clogs  mail  servers  and  mailboxes. 

Dumaru 

A  mass-mailer  worm  that  fakes  its  way  into  a  user’s 
trust  as  spoofed  mail  from  support@microsoft.com, 
but  when  the  attachment  is  opened,  installs  a 
backdoor  that  lets  the  virus  writer  control  the  machine. 

ploited,  as  well  as  ensuring  anti¬ 
virus  signatures  were  place. 

The  NMCI  uses  Symantec’s  anti¬ 
virus  products,  but  Symantec 
didn’t  have  the  signature  update 
for  Welchia  ready  until  several 
hours  after  it  hit,  Christopher  says. 

Blaster  hits  airline  system 

Separately,  a  variant  on  the 
Blaster  virus  affected  about  half 
of  Air  Canada’s  phone-reservation 
system  and  some  airport  check-in 
operations  last  Tuesday,  even 
causing  some  flights  to  be 
delayed  or  canceled.  CSX,  the 
third  largest  railroad  company  in 
North  America,  also  blamed 
worms  for  creating  transportation 
delays. 

According  to  CSX,  the  worm 
outbreaks  mainly  hit  its  network¬ 
supporting  applications  used  for 
dispatch  and  signal  systems  oper¬ 
ated  by  the  CSX  Transportation 
division.  The  network  saturation 
caused  CSX  to  halt  passenger  and 
train  traffic,  including  morning 
commuter  service  into  the 
Washington,  D.C.,  area. 

In  light  of  the  new  attacks  and 
the  Blaster  infections,  Microsoft 
has  started  a  fresh  dialogue  about 
how  it  might  change  its  patching 
strategy,  at  least  when  it  comes  to 
home  computers  outfitted  with 
XP  (see  related  story,  left). 

That  operating  system  has  a  fea¬ 
ture  to  automatically  notify  an 
end  user  that  a  software  patch  is 


needed  and  apply  it. 

A  Microsoft  spokesman  says  the 
company  is  pondering  whether 
to  alter  this  feature  in  future  re¬ 
leases  so  that  it  would  work  by 
default.  The  company  says  it  be¬ 
lieves  this  method  would  be 
more  effective  instead  by  apply¬ 
ing  the  patch  because  warnings 
often  are  ignored. 

Microsoft  was  looking  for  feed¬ 
back  on  that  idea,  which  it 
acknowledged  could  affect  the 
corporate  world  where  XP  also  is 
increasingly  used. 

In  terms  of  the  Blaster  worm, 
which  was  programmed  to  con¬ 
tinuously  launch  a  denial-of-ser- 
vice  attack  against  the  Microsoft 
windowsupdate.com  URL  on 
Aug.  16,  the  company  disabled 
the  targeted  link  to  preserve  the 
main  portion  of  the  site.  However, 
that  URL  won’t  be  available  for 
the  foreseeable  future. 

As  to  the  question  of  Dumaru 
—  a  worm  launched  last  week 
that  pretended  to  be  from 
Microsoft  but  carried  a  danger¬ 
ous  Trojan  as  an  attachment  — 
Microsoft  says  it  never  sends  out 
attachments  in  any  official  e-mail 
in  a  public  mass  mailing.* 
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The  human  body  has  an  amazing  capacity  to  adapt  to  shifting 
demands.  So  do  IBM  TotalStorage  products.The  IBM  TotalStorage 
Virtualization  Family  manages  your  individual  storage  resources 
as  one  common  virtual  pool.  It  can  then  allocate  storage  to  your 
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Micromuse 
adds  to 
mgmt. 
arsenal 

■  BY  DENISE  DUBIE 

Micromuse  announced  last 
week  it  has  acquired  a  former 
OEM  partner  for  $23  million  in  a 
deal  designed  to  complement  its 
strength  in  network  management 
with  applications  and  system 
management  capabilities. 

The  maker  of  the  Netcool  ser¬ 
vice  assurance  software  suite  is 
buying  Network  Harmoni,  an 
Australian  company  that  devel¬ 
ops  agent  software  for  managing 
systems  and  applications.  Under 
an  OEM  agreement  that  went 
into  effect  in  April  2002,  Mi¬ 
cromuse  has  used  Network  Har- 
moni’s  agents  in  its  Netcool/ 
System  Service  Monitors  and 
Netcool/Application  Service 
Monitors,  both  of  which  sit  on 
managed  devices  to  collect  data 
and  feed  it  to  Netcool’s  adminis¬ 
tration  console. 

Micromuse  executives  say  the 
acquisition  will  give  the  company 
more  control  of  agent  develop¬ 
ment  and  help  it  deliver  products 
to  customers  more  quickly. 
Micromuse  says  90  of  its  cus¬ 
tomers  have  Network  Harmoni 
technology  installed.  Network 
Harmoni  says  its  software  is  used 
in  more  than  5,000  customer  net¬ 
works  worldwide,  which  gives 
Micromuse  a  possible  entree  to 
even  more  sites.  Micromuse  also 
gets  Network  Harmoni’s  Op- 
Center  product,  a  lightweight  IT 
management  system  tailored  for 
small  and  midsize  companies. 

Micromuse,  which  closed  a  suc¬ 
cessful  third  quarter  in  June  gar¬ 
nering  $33  million  in  revenue, 
also  has  opted  to  acquire  tech¬ 
nology  in  the  past. 

The  company  in  June  2002 
bought  RiverSoft  for  $63  million, 
and  company  executives  say 
Micromuse  will  continue  to  con¬ 
sider  acquisition  an  option  to 
new  technologies. When  it  report¬ 
ed  earnings,  Micromuse  had 
about  $212  million  in  cash  and 
investments,  had  recently  won  45 
new  customers  and  maintained 
a  90V.  renewal  rate  among  exist¬ 
ing  customers. 

Craig  Farrell.  Network  Harmoni 
CEO  and  CTO,  now  joins  Mi¬ 
cromuse  as  its  CTO.  Micromuse 
recently  added  former  Juniper 
executive  Lloyd  Carney  as  its 
chairman  and  CEO.  ■ 


Lessons  from  leading  users 


Baylor  University  signs  up  for 
difficult  course  on  WLAN  security 


■  BY  ELLEN  MESSMER 

Baylor  University  learned  about 
wireless  LAN  security  in  the 
school  of  hard  knocks.Three  years 
ago,  Baylor  began  installing  270 
Enterasys  Networks  wireless  access 
points  across  its  Waco, Texas,  campus  in 
libraries,  classrooms  and  dorms  so  stu¬ 
dents  and  faculty  could  access  the  cam¬ 
pus  LAN  from  computers  outfitted  with 
802.11b  WLAN  cards.  That  was  the  easy 
part,  according  to  Baylor’s  IT  staff.  But 
finding  a  way  to  add 
authentication  to  enable 
unimpeded  wireless  access 
has  meant  a  crash  course  in 
security  technologies  that 
hasn’t  yet  ended. 

In  fact,  802. lx,  the  authen¬ 
tication  technology  Baylor 
just  started  using  last 
month,  is  causing  the  WLAN 
network  to  crash  from  time 
to  time.  “We’re  forcing  the 
wireless  access  points  to  do 
more  than  we  had  them  do 
in  the  past,”  says  Bob 
Hartland,  director  of  IT 
servers  and  networking  sys¬ 
tems  at  Baylor. 

Based  on  an  IEEE  standard, 

802. lx  lets  a  WLAN  user’s 
encrypted  password  be  sent 
from  an  802.1x-enabled  lap¬ 
top  across  the  Enterasys  ac¬ 
cess  points,  which  support 
802. lx,  to  a  RADIUS  authentication  server 
included  in  Windows  Server  2003,  which 
Baylor  uses  (see  graphic). 

While  802. lx  authentication,  which 
involved  this  end-to-end,  back-and-forth 
hand-off  via  802. lx,  works,  it  has  put  an 
unexpected  processing  strain  on  the 
WLAN  access  points,  causing  their  radio¬ 
frequency  power  to  fail.  For  that  reason, 
Baylor  now  dispatches  four  technically 
minded  students  to  check  and  make 
adjustments  on  the  university’s  270  WLAN 
access  points  each  day. 

“802. lx  is  more  complex  to  troubleshoot 
than  what  we  had  before,”  says  Scott  Day, 
Baylor’s  manager  of  network  services.The 
university  also  is  reconfiguring  the  access 
points  to  try  to  sort  out  the  problem. 

Baylor  IT  staff  had  been  waiting  patiently 
for  two  years  for  the  much-ballyhooed 
IEEE  802.1x  authentication  standard, along 
with  Wired  Equivalent  Privacy  (WEP) 
encryption,  to  appear  in  products. 


Before  802.  lx,  campus  IT  staff  tried  a 
number  of  other  experiments  in  wireless 
encryption  and  authentication.  First  came 
a  limited  VPN  deployment,  next  was  a 
homegrown  client  to  authenticate  cam¬ 
pus  users  to  the  access  points. 

The  homegrown  system,  which  Baylor 
viewed  as  the  interim  step  while  it  waited 
for  vendors  to  implement  802. lx,  was 
based  on  a  design  detailed  in  a  paper 
published  by  the  National  Aeronautics 
and  Space  Administration. 

“It  was  a  gateway  based  on  OpenBSD, 


[Secure  Sockets  Layer]  logon  and  a  Web 
browser,”  Hartland  says. 

But  Baylor  was  waiting  for  802. lx, 
described  as  a  standards  framework  for 
wireline  and  wireless  that  can  accept 
many  extensions,  such  as  public-key  cer¬ 
tificates  and  passwords.  Baylor  deemed 
client-side  certificates  too  complex  and 
expensive  to  deploy.The  university  wanted 
to  be  able  to  have  each  user’s  WLAN  pass¬ 
word  be  the  same  as  the  password  to  gain 
access  to  the  Baylor  campus  LAN.  That 
would  minimize  password  administration. 
Two  802. lx  variants,  one  called  Tunneled 
Transport  Layer  Security  (TTLS)  backed 
by  Funk  Software  and  Certicom,  and  the 
second  called  Protected  Extensible 
Authentication  Protocol  (PEAP),  backed 
by  Microsoft  and  Cisco,  offered  the  poten¬ 
tial  to  do  that,  according  to  Jon  Allen, 
Baylors  coordinator  of  IT  security. 

TTLS  and  PEAP  provide  mutual  authen¬ 
tication  and  WEP  rekeying  but  don’t 


require  client-side  certificates,  only  pass¬ 
words.  It’s  important  to  have  the  802.  lx- 
based  variant  mutually  supported  in  the 
WLAN  card,  the  access  point,  the  client 
software  and  the  authentication  server, 
because  the  authentication  process 
crosses  these  points. 

In  the  university’s  viewpoint,  the 
moment  when  all  the  stars  aligned  on  that 
score  arrived  in  the  spring  when  Microsoft 
released  802. lx  PEAP  client  code  that  can 
be  used  with  XP  and  Service  Pack  1  for 
Windows  Server  2003. 

“We’re  pretty  much  a 
Microsoft  shop,  so  we 
decided  to  take  this 
course,”  Hartland  says.  “We 
had  been  hearing  about 
802.  lx  for  years.” 

Baylor  bought  a  site 
license  for  XP  that  would 
be  available  for  all  its  stu¬ 
dents,  faculty  and  staff.  For 
non-Windows  users,  Baylor 
licensed  the  802.1x-based 
client  software  from  Meet- 
ingHouse  Data  Communi¬ 
cations  for  Macintosh, 
Linux  and  PocketPC.  But 
because  campus  users 
have  moved  to  802.  lx 
based  on  PEAP  there  have 
been  issues  to  deal  with 
above  and  beyond  the 
strain  that  802.  lx  authenti¬ 
cation  put  on  the  Enterasys 
WLAN  access  points. 

For  example,  not  all  WLAN  cards  have  a 
hook  into  802. lx, as  the  XP  client  software 
needs,  according  to  Baylor’s  IT  staff.  The 
Enterasys  WLAN  card  and  a  card  from 
Orinoco  Wireless  (which  was  purchased 
by  Cisco)  haven’t  been  a  problem,  but 
many  other  cards  don’t  seem  to  have  the 
kind  of  “zero-con fig  XP  interface”  that 
makes  it  easy  to  use  XP  for  802. lx  authen¬ 
tication,  Allen  says. 

Although  Baylor’s  IT  staff  waited  a  long 
time  for  802. lx  on  the  WLAN  and  find  it’s 
resulted  in  some  tough  problems,  they 
aren’t  cynical  about  it.  The  staff  are  confi¬ 
dent  they  will  sort  out  what  they  call  the 
“signal-strength  issue”  with  the  WLAN 
access  points,  perhaps  by  adding  more 
access  points.  And  the  next  step  will  be 
working  on  more  complex  role-based 
access  to  network  resources  for  students 
and  faculty  based  on  security  policy. 
“We’re  just  waiting  for  it  all  to  settle  down," 
Hartland  says.  ■ 


Baylor  boosts  WLAN  security 

Baylor  University  has  begun  using  802.1x  authentication 
technologies  to  ensure  security  across  its  growing  WLAN. 


Wireless  laptop  with  XP 
supporting  802.1x  auth¬ 
entication  and  WLAN 
card  supporting  802.1x. 

o 

User  types  in 
password  to 
access  WLAN. 


Enterasys  WLAN 
access  point  with 
802.1x  support. 


© 

Password  is  en¬ 
crypted  and  sent 
to  Windows  2003 
Server  over  LAN. 


Windows  2003  Server 
supporting  802.1x,  RADIUS 
and  Microsoft  Windows 
Active  Directory. 

© 

User  credentials  checked 
via  Active  Directory  using 
RADIUS.  If  accepted,  user 
is  granted  access  to  WLAN. 


QUALCOMM  3G  CDM  /-LIST  AWARDS 
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Expand  offers  WAN  compression  options 

Two  new  boxes  are  designed  to  better  match  users’  capacity  needs. 


Expand's  Accelerator  4810  compresses  at  rates  ranging  from 
256K  to  6M  bit/sec. 


9  BY  TIM  GREENE 

Expand  Networks  last  week 
announced  new  models  of  its  WAN 
compression  devices  with  capacity 
that  can  be  upgraded  gradually  so  cus¬ 
tomers  don’t  need  to  keep  buying  new 
hardware. 

The  two  new  boxes,  Accelerator  4810 
and  Accelerator  6810,  fill  gaps  in  the  compa¬ 
ny’s  product  line  that  forced  some  customers 
to  buy  higher-capacity  devices  than  they 
needed.  Now  customers  can  buy  a  device 
that  more  closely  fits  their  current  needs  and 
leaves  the  option  to  buy  more  capacity  later. 

Customers  must  buy  at  least  two  of  the 
Expand  devices  and  place  one  at  each  end 
of  a  WAN  link  that  they  want  to  speed  up. The 
devices  sit  between  LANs  and  WAN  routers 
and  compress  traffic  destined  for  WAN  loca¬ 
tions  that  also  have  Expand  devices.  The 
Accelerators  can  compress  at  different  rates 
to  match  the  bandwidth  available  on  the 
line,  so  a  256K  bit/sec  Accelerator  would  be 
suitable  for  a  256K  bit/sec  line.  Expand  says 
its  equipment  boosts  network  throughput 


between  100%  and  400%. 

Before  the  two  new  boxes  were  introduced, 
Expands  Accelerator  1800  topped  out  at 
256K  bit/sec,  and  the  lowest  speed  of  the 
company’s  next-sized  box,  the  Accelerator 
4800,  was  2M  bit/sec.  If  a  customer  wanted  to 
support  a  512K  bit/sec  link,  he  had  to  buy  a 
2M  bit/sec  4800.  Now  he  could  buy  a  5 12K 
bit/sec  4810  for  about  $5,000  less  and  still 
have  the  option  to  increase  its  capacity  by 
paying  a  licensing  fee. 

O'Reilly  Auto  Parts  in  Springfield,  Mo.,  has 
installed  Accelerator  6810s  at  its  headquar¬ 
ters  and  its  back-up  data  center  in  Dallas  to 
speed  up  a  12M  bit/sec  frame  relay  line 
between  the  two  that  was  running  at  capa¬ 
city,  says  Dave  Steinle, systems  management 


team  leader  for  O’Reilly.  Now  the  con¬ 
nection  runs  at  75%  to  80%  of  capa¬ 
city,  staving  off  the  need  for  a  bigger 
connection. 

Without  the  Expand  gear,  the  compa¬ 
ny  was  facing  an  additional  6M  bit/sec 
in  bandwidth  at  a  cost  of  $2,700  per 
month,  Steinle  says.  With  transaction 
data  ever  increasing,  he  says  he 
expects  that  O’Reilly  will  have  to  buy  more 
bandwidth  at  some  point.  When  it  does,  he 
says  Accelerator  6810s  can  be  upgraded  to 
handle  the  additional  traffic. 

Expand  competes  mainly  against  Peribit, 
whose  gear  is  similar  in  function.  But  the 
companies  say  they  use  different  methods 
to  reduce  traffic.  If  customers  don’t  want  to 
buy  a  dedicated  compression  device,  they 
can  implement  compression  on  their 
routers,  an  option  that  might  affect  route 
performance. 

Accelerator  4810  ranges  in  speed 
from  256K  to  6M  bit/sec  and  in  price  from 
$4,000  to  $20,000.  Accelerator  6810  ranges 
from  2M  to  45M  bit/sec  and  from  $15,000  to 
$45,000.  ■ 


Service  manages  Microsoft  apps  deployment 


■  BY  JUAN  CARLOS  PEREZ 

Electronic  Data  Systems  last 
week  unveiled  a  service  to  man¬ 
age  the  deployment  of  Microsoft 
desktop  applications  and  system 
software  in  companies  and  gov¬ 
ernment  agencies. 

Features  of  the  offering,  called 
myCOE  (my  Consistent  Office 
Environment),  include  giving 
end  users  the  flexibility  to 
choose  applications  for  their 
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■  THIS  WEEK’S  QUESTION: 

What’s  the  term  being 
used  to  describe  seem¬ 
ingly  spontaneous  public 
gatherings  of  people 
orchestrated  via  e-mail 
and  text  messaging  lists? 

Answer  ths  and  nine  additional  questions 
online  and  you  could  wn  S500!  Visit 

Netwwi  World  Fusion  and  enter  2349 

in  the  Search  box 

www.nwiusion.com 


Companies  pay  for  only  the  services 
and  applications  their  employees  use. 
This  approach  taps  into  an  increasingly 
popular  trend  in  IT ... . 


desktop  and  a  pricing  model 
under  which  companies  pay 
only  for  the  services  used, 
according  to  EDS. 

EDS’  services  contrast  with  the 
traditional  approach  of  giving 
machines  with  the  same  config¬ 
uration  and  application  setup  to 
users  who  do  different  jobs.  This 
rigid  approach  and  lack  of  desk¬ 
top  customization  inevitably 
leaves  some  users  with  less  func¬ 
tionality  and  others  with  more 
than  they  need. 

The  new  EDS  managed  service, 
which  is  based  on  desktop  man¬ 
agement  software  from  Microsoft, 
has  been  designed  for  machines 
running  the  Windows  XP  operat¬ 
ing  system  and  Office  XP  and  up¬ 
coming  Office  2003  suites,  says 
Carol  Wyatt,  global  offering  exec¬ 
utive  for  EDS’  Distributed  Systems 
Service  line.  However,  the  service 
can  be  expanded  to  support 
other  Microsoft  and  non-Micro¬ 
soft  applications  and  software, 
she  says. 

MyCOE  delivers  applications 
and  desktop  services  from  a 
Web  portal.  From  there,  end 
users  can  pick  and  choose 
applications  from  a  list  com¬ 
piled  and  approved  by  their  IT 
department. 

That  way  end  users  can  config¬ 
ure  their  machines  —  desktop 
PCs,  laptops,  handheld  computers 


—  with  the  software  they  need. 
They  can  drop  and  add  applica¬ 
tions  as  their  needs  change. 

Companies  pay  for  only  the  ser¬ 
vices  and  applications  their  em¬ 
ployees  use.  This  approach  taps 
into  an  increasingly  popular 
trend  in  IT  of  paying  for  software, 
hardware  and  services  based  on 
usage,  just  like  one  pays  for  utili¬ 
ties  such  as  electricity  and  water. 
Big  names  such  as  HP  and  IBM 
have  developed  strategies  for 
offering  their  clients  “pay  as  you 
go”  options. 

EDS  built  its  myCOE  service 
around  Microsoft’s  Solution 
Accelerator  for  Business  Desktop 
Deployment  (BDD)  software. 

Free  and  available  for  down¬ 
load  now  from  Microsoft’s  Web 
site,  Solution  Accelerator  BDD  is 
a  desktop  management  tool 
Microsoft  says  can  reduce  XP 
Office  XP  and  Office  2003  de¬ 
ployment  tasks  by  75%  through 
automation.  Solution  Acceler¬ 
ator  BDD  comes  with  scripts  and 


templates  as  well  as  with  docu¬ 
mentation  detailing  best  prac¬ 
tices  and  guidance  for  deploying 
desktop  applications  and  up¬ 
grades  throughout  a  company. 

Perez  is  a  correspondent  with 
the  IDG  News  Service’s  Latin 
America  bureau. 


Corrections 


■  The  story  "Chip  vendor 
claims  wireless  breakthrough" 
(Aug.  18,  page  12)  should  have 
identified  Atheros 
Communications  as  one  of  the 
m^jor  players  in  the  wireless 
silicon  market. 

■  The  editorial  “10G:  Worth 
your  attention”  (Aug.  18,  page 
46)  should  have  stated  that 
802.ae  was  standardized  in 
2002. 
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ADVERTISEMENT 


Redefining  Enterprise  Mobility:  Freedom  that’s  IT  Approved 


As  IT  managers  struggle  to  balance  business  connectivity 
demands  with  a  secure  IT  environment,  many  turn  to  Nokia’s 
portfolio  of  mobile  connectivity  solutions  to  get  the  job  done. 

Email  is  more  than  a  business  tool.  These  days,  it’s  the  backbone  of  how  many  corpo¬ 
rations  do  business.  And  for  many  companies,  business  as  usual  demands  that  workers 
access  vital  information  on  an  anytime,  anywhere  basis,  and  from  a  host  of  devices 
ranging  from  company-owned  laptops  to  PDAs,  mobile  phones,  and  home  PCs.  Email  is 
the  mission-critical  application  for  business  information  exchange. 

Twenty-seven  percent  of  today’s  work¬ 
force  is  estimated  to  be  mobile  and  out  of 
the  office  for  at  least  one  day  every  week. 

Mobility  solutions  can  help  boost  produc¬ 
tivity,  as  business  users  have  increased 
flexibility  to  get  their  work  done.  However, 
mobility  also  presents  a  number  of  chal¬ 
lenges  for  the  IT  department.  CIOs  and  IT 
managers  must  struggle  to  meet  the  busi¬ 
ness  demands  wrought  by  mobile 
connectivity,  while  simultaneously  solving 
the  security  concerns  that  come  along  with 
providing  mobile  workers  constant  access 
to  corporate  resources,  regardless  of  the 
access  device. 

“It’s  a  real  balancing  act  for  IT 
managers,”  says  Dan  MacDonald,  vice  president  of  product  management  and  marketing 
at  Nokia.  “CIOs  and  IT  managers  are  faced  with  meeting  mobile  connectivity  demands, 
but  they  must  do  so  while  keeping  budgets  flat,  and  keeping  corporate  assets  secure.” 

MacDonald  says  that  several  network  integrity  issues  have  emerged  from  the  conflu¬ 
ence  of  mobile  devices,  flexible  work  hours  and  the  surging  Internet:  How  can  CIOs 
manage  user  identity,  control  the  security  of  the  myriad  access  devices  in  use,  and  effec¬ 
tively  manage  content  access  without  stifling  vital  business  processes? 

Many  enterprises  struggle  with  aggressive  application  roll  outs  that  support  a  wide 
range  of  user  devices  and  network  types,  while  satisfying  business  requirements  for 


timing,  performance  and  cost.  Nokia  combines  its  expertise  as  the  leader  in  mobile 
communications  and  IP  security  solutions  to  enable  business  solutions  via  fixed  and 
mobile  connections  that  ensure  network  integrity,  allowing  employees  and  users  to 
confidently  communicate  even  while  out  of  the  office. 

Nokia  mobile  connectivity  solutions  provide  a  unique  comprehensive  portfolio  of 
system  level  solutions  that  enable  rapid  return  on  investment  and  sustainable  competi¬ 
tive  advantage  for  the  enterprise,  based  on  both  IPSec  and  SSL  technologies. 

Transactions  from  employees’  mobile  terminals  to  their  corporate  networks  must  be 
secure  in  order  to  enable  the  mobile  office.  For  the  past  6  years,  Nokia  has  been  devel¬ 
oping  technology  for  managing  and 
providing  security  so  that  both  fixed  and 
mobile  offices  may  be  accessed  routinely 
without  worry.  Nokia  network  integrity 
solutions  include  industry  leading  Virtual 
Private  Network  (VPN),  Firewall,  Content 
Security  and  Intrusion  Protection  systems, 
addressing  the  needs  of  the  largest  corpo¬ 
rate  data  center  or  Service  Provider 
network  to  the  smallest  home  office. 

As  the  number  one  business  applica¬ 
tion,  email  has  also  become  the  number 
one  business  security  challenge.  As  traffic 
over  wireless  networks  continues  to  grow, 
so  will  spam  and  other  email  issues  such  as 
protection  of  intellectual  property. 
Traditional  solutions  have  focused  on  anti-virus  protection,  while  Nokia  Message 
Protector  adds  new  levels  of  protection  to  increase  the  integrity  in  email  messaging  for 
both  fixed  and  mobile  connections  through  spam  protection,  exploit  rejection  and 
content  filtering. 

Nokia  mobile  connectivity  solutions  address  the  security  and  mobility  limitations  of 
legacy  products  by  offering  superior  access,  security,  and  management  of  the  email  secu¬ 
rity  infrastructure  for  a  mobile  work  force. 

Today,  corporations  need  to  conduct  business  real  time  -  all  the  time  -  and  secure, 
remote  mobile  connectivity  solutions  from  Nokia  enable  enterprises  to  do  just  that. 


Enable  Mobile  Connectivity  while  Ensuring  Network  Integrity 


Non-Corporate 
Device  ©home, 
business  center 


Partners,  Suppliers 
&  Contractors 


Email  Servers  & 
Email  Storage 


File  &  Application 
Servers/Mainframe 


Email  going  mobile ?  Two  recently  introduced  Nokia  solutions 
extend  enterprises'  options  to  access  email  securely,  anywhere,  from  any  device 


Network  Integrity  Solutions 


Mobile  Connectivity  Solutions 


Nokia  Message  Protector  is  an  enterprise-class  secure  content  management 
appliance  for  SMTP  (simple  mail  transport  protocol)  traffic  entering  and  leaving  corporate 
mail  networks.  Its  unique  features  include: 

•  SPAM  Prevention 

•  Content  Inspection 

•  Virus  Protection 

•  Heuristic  Exploit  Rejection  Object  (HERO) 

•  Secure  Automatic  Updates 


Nokia  Secure  Access  System  is  a  remote  access  solution  leveraging  ubiquitous 
Secure  Socket  Layer  (SSL)  technology  running  on  Nokia’s  widely  accepted  IP  Security 
Platforms  with  several  distinguishing  features  including: 

•  Client  Integrity  Scan.  A  unique  feature,  CIS  scans  the  remote  device  for  open  TCP 
ports,  bad  files,  good  files  and  active  processes  to  improve  security  of  enterprise 
data. 

•  Advanced  Access  Control.  Nokia  Secure  Access  System  can  increase  or  decrease 
the  level  of  access  for  remote  users  depending  on  the  result  of  the  Client  Integrity 
Scan  or  presence  of  a  digital  certificate. 

•  Session  Persistence.  This  function  allows  users  to  resume  work  without  losing 
data  if  their  SSL  session  has  timed  out  due  to  lack  of  activity.  There  is  no  concern 
if  a  user  is  interrupted  while  connected  through  Nokia  Secure  Access  System. 


According  to  Charles  Kolodgy  of  IDC,  “Nokia  is  cementing  its  position  as  a  leader  in  secure  connectivity 
by  offering  consistent,  secure,  and  flexible  remote  access  to  corporate  applications  from  any  device 

To  download  white  papers  or  for  more  information  about  Nokia  Mobile  Connectivity  Solutions  visit 

www.nokia.com/mobileaccess/americas 
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CA  launches  network  performance  mgmt.  software 


■  BY  DENISE  DUBIE 

Computer  Associates  last  week  rolled 
out  software  designed  to  watch  traffic  and 


map  the  physical  relationships  between 
applications  and  the  underlying  infra¬ 
structure  that  supports  them,  which  the 
company  says  will  speed  problem  resolu¬ 


tion  and  improve  performance. 

Unicenter  Network  Forensics  and  Uni¬ 
center  Network  Forensics  Mobile 
Edition  are  part  of  the  Unicenter  Net¬ 
work  and  Systems  Management  portfo¬ 
lio.  They  perform  traffic  monitoring  and 
packet  analysis  to  diagnose  and  resolve 
network  problems. 

Unicenter  Network  Forensics  consists  of 
a  server  component  that  can  be  installed 
on  a  dedicated  server  and  software  agents 
CA  calls  collectors.  The  collectors  are  in¬ 


stalled  on  servers  or  devices  in  specific 
network  locations  to  watch  traffic.  They 
differ  from  agents  deployed  in  typical  net¬ 
work  management  products  in  that  net¬ 
work  managers  need  not  deploy  a  collec¬ 
tor  to  every  managed  device.  One  collec¬ 
tor  can  monitor  multiple  managed 
devices  depending  on  the  amount  of  traf¬ 
fic  it  generates. 

By  watching  network  traffic  patterns,  the 
Forensics  software  alerts  companies 
about  potential  problems  such  as  an  over¬ 
loaded  router, slow  server  or  poor  desktop 
application  performance.  The  server  soft¬ 
ware  also  stores  and  correlates  data  to 
spot  trends. 

The  Mobile  Edition  can  be  installed  on  a 
laptop  and  lets  network  managers  perform 
diagnostics  on  access  points  and  specific 
departmental  servers,  and  identify  rogue 
mobile  or  wireless  users. 

The  Forensics  software  uses  CAs  recently 
announced  Sonar  technology,  which 
watches  traffic,and  builds  physical  and  log¬ 
ical  relationships  among  network  devices, 
servers,  storage  and  applications.  Sonar  is 
intended  to  work  in  real  time  to  relate  busi¬ 
ness  service  performance  and  automate 
responses  to  problems  to  the  infrastructure 


supporting  applications.The  idea  is  to  help 
users  spot  problems  causing  poor  perfor¬ 
mance  for  business-critical  applications, 
says  David  Hochhauser,  CA  vice  president 
of  Unicenter  Solutions. 

Rich  Ptak,  principal  at  research  firm 
Ptak  &  Associates,  says  CAs  Sonar  and 
Network  Forensics  software  offer  cus¬ 
tomers  an  automated  way  to  build  rela¬ 
tionships  between  applications  and  the 
infrastructure  components  that  support 
them.  Network  managers  typically  use  a 


combination  of  the  original  network 
topology  and  information  stored  in  dis¬ 
parate  locations  about  adds,  moves  and 
changes  to  understand  the  physical  and 
logical  topology  of  their  networks.  Ptak 
says  tools  such  as  'Network  Forensics 
and  BMC  Software’s  new  Service  Impact 
Management  (SIM)  are  attempting  to 
provide  an  accurate  map  of  applica¬ 
tions  and  network  devices,  and  their 
relationships. 

BMC’s  SIM,  released  last  week,  builds  a 
map  of  the  network  and  connects  the 
dots  between  network  components  and 
the  applications  they  support.  Unlike 
CA's  Forensics,  BMC’s  SIM  uses  modeling 
technology  the  company  acquired  from 
its  IT  Masters  purchase  to  build  the 
same  application  and  infrastructure 
relationships. 

Pricing  for  Unicenter  Network  Forensics 
and  Network  Forensics  Mobile  Edition 
starts  at  $45,000.  ■ 
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On  Your 
Mark... 

Are  you  ready  to  reduce  power 
densities  in  your  rack  with  an 
efficient  cost-saving  power 
and  cooling  solution  that 
ensures  availability? 


They  Are. 

Sst 


" Our  Video  on  Demand  ( V0D ) 
servers  are  air  cooled  from  front  to 
back.  The  APC  racks  that  house  the 
InfraStruXure  "  are  also  designed  to  cool 
from  front  to  back.  So  the  same  racks 
can  effectively  house  our  power  system 
and  our  servers. " 

Vince  Pombo,  Vice  President  of  Engineering 
Rich  Flanders,  Director  of  Engineering 
Time  Warner  Cable. 


More  and  more  IT  professionals  are  changing  from  legacy 
systems  to  a  new  integrated  power  and  cooling  solution. 


STOP  Costly  Downtime 


See  the  next  page  for  more. 


Forensic  analysis 


Computer  Associates’  Unicenter  Network  Forensics  watches  traffic 
and  analyzes  packets  to  identify  and  prevent  performance  problems  on 
enterprise  networks. 


Unicenter  Network  Forensics  software  watches  traffic 
and  stores  information  about  which  network  devices, 
databases  and  servers  interact  to  support  applications. 


Unicenter  Network 
Forensics  server 


The  software  quickly 
can  tell  network 
managers  which 
applications  will  be 
affected  by,  say,  a 
server  outage. 


Collectors,  or  software 
agents,  in  the  network  can 
watch  inbound  and  out¬ 
bound  traffic  on  multiple 
managed  devices,  data¬ 
bases  and  servers. 


Database 
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Determining  Total  Cost  of  Ownership  for  Data 
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Hitt  White  raper!  Hitt  White  Paper  Center  and  Network  Room  Infrastructure 


"Determining  Total  Cost  of  Ownership 
for  Data  Center  and  Network 
Room  Infrastructure" 


Just  mail  or  fax  this  completed  coupon 
or  contact  APC  for  your  FREE  white 

paper.  “Determining  Total  Cost  of 
Ownership  for  Data  Center  and 
Network  Room  Infrastructure." 

Also  receive  our  FREE  InfraStruXure” 
brochure  Better  yet,  order  both  today 
at  the  APC  Web  site! 

http:// promo,  ap  c.  com 
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□  YES!  Please  send  me  my  FREE  white  paper  and  InfraStruXure”  brochure. 

□  NO  ,  I'm  not  interested  at  this  time,  but  please  add  me  to  your  mailing  list. 
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What  type  of  availability  solution  do  you  need? 

□  UPS:  0-16kVA  (Single-phase)  □  UPS:  1 0-80kVA  |3-phase  AC)  □  UPS:  80+  kVA  (3-phase  AC)  DOC  Power 

□  Network  Enclosures  and  Racks  □  Precision  Air  Conditioning  □  Monitoring  and  Management 

□  Cables/Wires  □  Mobile  Protection  □  Surge  Protection  □  UPS  Upgrade  □  Don't  know 
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You  are  (check  1):  □  Home/Home  Office  □  Business  |<1 000  employees)  □  Large  Corp.  (>1000  employees) 

□  Gov’t,  Education,  Public  Org.  □  APC  Sellers  &  Partners 
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How  to  Contact  APC 

Call:  (888)  289-APCC 

use  the  extension  on  the  reverse  side 

Fax:(401)  788-2797 

Visit:  http://promo.apc.com 

use  the  key  code  on  the  reverse  side 

APC 
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ADVERTISEMENT 


Are  you  set  to  save  space 
and  minimize  installation 
and  maintenance  costs 
with  a  modular  manageable, 
pre-engineered  architecture? 


"If  I  had  purchased  the  incumbent 
vendors  3-phase  upgrade  model, 


I  would  have  paid  75%  more  in  service 
costs  over  the  next  four  years  and 
I  would  have  had  to  utilize  50%  more 
of  my  precious  floor  space. " 

Captain  Timothy  Riley 

Support  Services  Division 

City  of  Newport  Beach  Police  Department 


Many  IT  professionals  have  switched 
from  an  inflexible  proprietary  system  to 


network  critical  physical  infrastructure. 


Be  Sure  of  Your  Solution 
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InfraStruXure™ 
is  the  Key  to 
Stronger  NCPI 

by  Russell  Senesac 

InfraStruXure  Product  Manager 

APC  InfraStruXure™  architecture  is  the  industry's 
new  benchmark  for  on-demand  network-critical 
physical  infrastructure  (NCPI).  The  foundation  of  IT 
networks,  NCPI  consists  of  power,  power  distribu¬ 
tion,  racks,  cabling,  cable  distribution,  cooling,  and 
cooling  distribution.  Strong  NCPI  defends  your  IT 
networks  against  security  and  availability  problems. 

Complementing  these  benefits  of  strong  NCPI  is 
InfraStruXure's  open,  adaptable,  integrated  ap¬ 
proach,  which  ensures  optimal  performance  and 
lower  upfront  and  operating  costs.  InfraStruXure 
fully  integrates  power,  cooling,  management  and 
services  within  a  rack-optimized  design. 

Power 

InfraStruXure  architecture  features  rack-optimized, 
intelligent  UPSs  and  power  distribution  units  that 
are  highly  manageable,  modular,  and  pre-engineered 
to  meet  the  demands  of  the  smallest  wiring  closet  to 
the  largest  data  center. 

Cooling 

Cooling  solutions  designed  for  InfraStruXure  are 
extremely  flexible,  fitting  almost  any  data  environment 
as  though  custom-made,  but  without  the  extensive  engi¬ 
neering  that  traditional  cooling  systems  require. 

Management 

InfraStruXure  boasts  the  industry’s  only  fully  integrated 
power  management  solution.  Monitor  the  elements  of 
your  dara  center,  understand  how  your  InfraStruXure  is 
performing  and,  when  necessary,  take  action  remotely  to 
ensure  service  levels  are  met — all  from  a  Web  browser  on 
your  desktop  computer.  You’ll  be  able  to  maximize  avail¬ 
ability  through  system-level  proactive  management. 
InfraStruXure  management  solutions  are  easy  to  use  and 
require  little  to  no  training. 

Services 

A  full  menu  of  professional  services,  performed  by 
APC  Global  Services  experts,  supports  your 
InfraStruXure  architecture.  Whether  building  a  new 
installation  or  retrofitting  InfraStruXure  into  your 
existing  IT  environment,  a  range  of  services  is  able  to 
meet  your  specific  needs.  Factory-trained  professionals 
commission  the  elements  of  your  InfraStruXure, 
understand  how  it  is  performing  and,  when  necessary, 
take  action  to  ensure  optimal  service  levels  are  met. 

The  Result 

With  InfraStruXure,  you  get  the  reliability,  afford¬ 
ability  and  predictability  of  standard  solutions,  yet 
completely  customized  for  your  specific  problems. 
As  your  requirements  change,  InfraStruXure  easily 
adapts,  allowing  you  to  build  out  or  scale  back 
capacity  as  it  is  required.  ■ 

FREE  White  Paper  and  Infrastructure™  Brochure 

Visit  http://promo.apc.com  Key  Code  n261y 
Call  888-289-APCC  x2931  •  Fax  401-788-2797 
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You  Are. 


Stop  hesitating. 

You've  been  given  the 
green  light  to  ensure  the 
continuous  operation  of  your 
mission-critical  electronic 
applications. 

Go  find  out  more  about  how 
InfraStruXure™  can  build  availability 
into  your  business  processes. 
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InfraStru 


POWER  RACK  AIR 

Open,  adaptable  and  integrated 
architecture  for  on-demand 
network-critical  physical  infrastructure 


this  availability  solution  to  prevent 
costly  downtime? 


FREE  White  Paper: 
"Determining  Total  Cost 
of  Ownership  for  Data 
Center  and  Network  Room 
Infrastructure"  and  FREE 
InfraStruXure™  Brochure 


To  order:  Visit  http://promo.apc.com  Key  Code  n261y 
Call  888-289-APCC  x2931  •  Fax  401-788-2797 


Go!  Find  Out  More! 
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The  switch  that  adapts 
to  any  environment. 

And  always  will. 


Introducing  the  Matrix™  N-Series 

Scalability  and  security  adapted  to  your  enterprise. 


Because  your  needs  change  so  often,  you 
need  a  switch  that  can  keep  up.  That’s  the 
revolutionary  new  Matrix  N-Series.  Thanks 
to  an  exclusive  distributed  architecture — 
where  all  switching  and  control  functions 
reside  on  each  module — the  N-Series  lets 
you  cost-effectively  add  bandwidth,  users  and 
applications  on  the  fly.  And  no  other  switch 
offers  such  a  low  entry  cost. 

A  wide  range  of  secure  connectivity 
options  means  the  Matrix  N-Series  will 
scale  to  support  converged  applications 


like  video  streaming,  VoIP  and  more  without 
expensive  upgrades.  With  unsurpassed 
reliability,  flexibility  and  investment 
protection,  the  N-Series  is  a  key  component 
to  any  Business-Driven  Network ,™ 

Now  and  always. 

For  a  FREE  whitepaper  on  the  Matrix 
N-Series  and  Multilayer  Packet  Classification, 

go  to  enterasys.com/nw/n-series 


ENTERASYS 


NETWORKS™ 
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Symantec  pumps  up  handheld  anti-virus  products 


■  BY  ELLEN  MESSMER 


Symantec  last  week  announced  its 
first  anti-virus  software  for  Palm  Pilot 
operating  system  and  Microsoft 
PocketPC-based  handhelds,  making  it 
possible  for  businesses  to  centrally 
manage  the  devices’  anti-virus  configu¬ 
rations  and  updates. 

Expected  next  week,  Symantec  Anti- 
Virus  for  Handhelds  Corporate  Edition  is 
designed  to  protect  Palm  OS  and 
Fbcket PC-based  handheld  devices  against 
viruses,  worms  and  Trojans. 

Once  the  software  is  installed  on  the 
users  desktop  PC,  the  anti-virus  software 
is  sent  to  the  handheld  during  synchro¬ 
nization  with  the  PC,  or  over  a  wireless 
LAN  or  infrared  connection.  The  hand¬ 
helds  can  be  kept  up  to  date  with  the  lat¬ 
est  signatures  for  new  viruses  or  worms 
via  automated  updates  through  the  desk¬ 
top  synchronization  process.  Another 
means  for  updating  directly  to  the  hand¬ 
held  will  be  over  the  Internet  wirelessly 
through  what  Symantec  calls  its 
LiveUpdate  Wireless  service. 

“Symantec  AntiVirus  for  Handhelds 
Corporate  Edition  works  under  the 
Symantec  enterprise  security  architec¬ 
ture  in  terms  of  logging  events,”  says 
Laura  Garcia-Manrique,  Symantec’s 
group  product  manager.  This  means  the 
event  and  configuration  manager  for  the 
handhelds  is  the  same  as  that  used  for 
other  Symantec  anti-virus  products  so 
that  centralized  alerting,  logging  and 
reporting  is  possible. 

“And  the  manager  can  configure  each 
handheld,  for  example,  by  preventing  the 
user  from  turning  off  the  AutoProtect  real¬ 
time  scanning,” Garcia-Manrique  says.The 
anti-virus  software  for  handhelds  costs  as 
much  as  $27  or  as  little  as  $10,  depending 
on  volume. 

Symantec  is  competing  against  Com¬ 
puter  Associates,  Network  Associates 
and  Trend  Micro,  among  others,  with 
business-oriented  anti-virus  software  for 
handheld  devices. 

For  remote  users,  Symantec  this  week 
also  will  unwrap  Norton  AntiVirus  2004, 
the  next  version  of  its  desktop  anti-virus 
software.  The  2004  edition  adds  the 
means  to  not  only  detect  and  stop  worms 
and  viruses,  but  also  other  dangers  and 
annoyances  that  include  spyware, 
adware,  dialers  and  “joke  programs”  that 
might  be  downloaded  from  the  Internet 
or  sent  as  an  attachment. 

“We’re  not  going  to  capture  them  all,” 
says  Kelly  Martin, senior  product  manager 
at  Symantec.  But  Symantec  is  analyzing 
the  most  prevalent  and  mettlesome  spy- 
ware  and  adware,  among  other  junk,  to 


Security 

Subscribe  to  our  free  newsletter. 
DocFinder  5434  www.nwfusion.coni 


include  signatures  that  users  can  activate 
if  they  want  to  exclude  it. 

Norton  AntiVirus  2004,  which  will  cost 
$49.95  for  a  new  annual  subscription  or 


$29.95  as  a  renewal,  also  will  be  able  to 
decompress  and  scan  peer-to-peer  file¬ 
sharing  programs  for  viruses  they  might 
hold. These  new  features  are  not  yet  in  the 


Symantec  Corporate  Edition,  but  in  the 
past  Symantec  has  added  new  capabili¬ 
ties  later  when  they  work  well  in  the 
home-user  edition.  ■ 
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All  in  one 

(Again.) 


MX250 


VoIP  for  the  smaller  site. 


Computers 


Following  the  successful  launch  of  the  MX1200,  the 
world  s  first  Enterprise  Media  Exchange,  Zultys  now 
announces  the  introduction  of  the  MX250.  Whilst 
retaining  all  the  features  that  have  already  gained 
wide  acceptance,  the  MX250  adds  specific 
functionality  for  smaller  enterprises  or  branch  offices. 

With  configurations  starting  at  5  users,  the  MX250 
can  expand  to  250  users  without  requiring  any 
additional  hardware.  Affordable  ancf  easy  to  deploy, 
the  MX250  integrates  multimedia  communications 
into  a  compact  system. 

The  MX250  is  100%  based  on  open  standards, 
powered  by  Linux,  SIP,  VoiceXMT,  and  TAPI.  This 
guarantees  flexibility  and  inter-operability  within 
your  network.  You  can  make  calls,  access  voice  mail, 
access  fax  mail,  determine  presence,  and  send  instant 
messages,  all  from  a  single  graphical  interface. 

To  learn  how  the  MX250  can  address  your 
communications  needs  and  enhance  the  productivity 
of  your  business,  call  us  or  access  our  web  site. 
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Zultys  Technologies 

771  Vaqueros  Avenue 
Sunnyvale,  CA  94085 
USA 

Tel: +1-408-328-0450 
Fax:+1-408-328-0451 
Email:zultys@zultys.com 
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where  information  lives 


Protect  your  information  with  EMC  CLARiiON: 
Disk-based,  confidence-boosting  backup 


EMC  CLARiiON  CX  SERIES 


EMC  CLARiiON”  systems  and  software  deliver  the  reliability  and  flexibility  growth- 
oriented  companies  need  to  manage  ever-increasing  amounts  of  information.  To  learn 
more  about  reliable  backup  and  recovery,  get  “Stepping  Up  to  Disk-Based  Backup”  at 

www.EMC.com/growthcompanies  or  1-866-796-6369. 
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Find  an  authorized  EMC  business  partner  at 
www.EMC.com/partnersalliances. 
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Takes 

■  IBM  last  week  announced  an 
802.11a/b/g  Wireless  LAN  Mini  PCI 
Adapter  for  its  wireless-upgradable 
ThinkPad  notebooks.  The  Mini  PCI 
adapter  data  supports  rates  up  to 
54M  bit/sec  in  the  2.4-GHz  and  5-GHz 
bands.  The  adapter  automatically  will 
search  for  the  best  connection  as 
users  roam  through  different  WLAN 
networks,  helping  to  maintain  connec¬ 
tivity  throughout  a  wireless  environ¬ 
ment,  IBM  says.  For  security,  the 
adapter  supports  Wired  Equivalent 
Privacy,  and  future  releases  will  sup¬ 
port  the  new  Wi-Fi  Protected  Access, 
Advanced  Encryption  Standard  and 
802. lx  authentication.  In  addition,  IBM 
offers  the  Embedded  Security  Sub¬ 
system  on  selected  ThinkPad  sys¬ 
tems.  The  ESS  can  be  used  to  aug¬ 
ment  802.1x  authentication  and  secu¬ 
rity,  storing  authentication  creden¬ 
tials.  The  adapter  is  expected  to  be 
ready  Sept.  8  and  will  sell  for  $99. 

■  Adaptec  last  week  announced  a 
network  accelerator  adapter  that  off¬ 
loads  TCP/IP  processing  from  the  host 
computer,  making  it  more  available  for 
running  applications.  The  Adaptec 
NAC  7711  is  a  Gigabit  Ethernet  adapter 
that  is  available  in  fiber  or  copper 
implementations. The  adapter  with 
fiber-optic  connections  sells  for  $995; 
the  copper-based  version  costs  $895. 

■  Gateway  is  announcing  storage 
systems  for  its  business  servers.  The 
company  this  week  will  announce  the 

850  SCSI  JBOD  system  and  the  820 
Linear  Tape  Open  Autoloader. 

Both  systems  are  rack-mountable  and 
2U  high.  The  850,  which  has  hot-swap¬ 
pable  power  supplies  and  redundant 
cooling  fans,  has  as  many  as  12  hot- 
swappable  Ultra  320  SCSI  drives  for  a 
total  capacity  of  1.7  terabytes  of  data. 
The  autoloader  features  an  LTO-1 
Ultrium  tape  drive  with  capacity  for 
100G  bytes  of  uncompressed  data  and 
an  eight-cartridge  carousel,  which 
holds  LTO  tape  with  a  maximum 
capacity  of  800G  bytes  of  data.  The 
850  costs  $3,000  for  a  system  with 
three  36G-byte  disks;  the  LTO  tape 
autoloader  costs  $5,800. 
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Lessons  from  leading  users 

dial-up  app  pays  off  for  sales  firm 


■  BY  JOHN  COX 

After  Chuck  Latham  spent  $300,000 
trying,  and  failing,  to  launch  a 
mobile  sales  application  for  his 
sales  firm,  he  didn’t  give  up. 

Instead  he  let  someone  else  do  it. 
Today  Charles  Latham  Associates  in 
Parker,  Colo.,  relies  on  a  hosted  service 
from  application  service  provider 
(ASP)  Unique  Solutions,  with  a  spe¬ 
cialized  sales  automation  application 
developed  for  handheld  computers 
and  data  synchronization  software  to 
manage  nearly  200  sales  staff  members 
in  the  field.  Most  of  these  professionals 
work  from  home  as  the  sales  force  for 
wholesalers  that  supply  pet  food  and 
other  products  to  retailers  such  as 
Petco. 


The  Toshiba  PbcketPC  computers  let 
sales  staffers  upload  once  or  twice  daily 
digital  photos, survey  results,  order  data, 
signatures  and  more  to  a  central  data¬ 
base.  The  next  day  managers  can  see 
how  a  new  display  has  been  set  up  or 
why  a  group  of  customers  had  com¬ 
plaints  about  another  display 

In  addition,  regional  managers  now  re¬ 
view  each  Friday  morning  with  CEO 
Chuck  Latham  and  other  headquarters 
executives  an  extensive  set  of  weekly  re¬ 
ports  on  orders,  the  number  of  stores 
visited  by  each  sales  representative, 
pending  problems  or  backlogs.The  data 
gives  senior  managers  new,  more  accu¬ 
rate  measures  of  the  effectiveness  of  the 
sales  team  and  guides  decisions  on 
how  to  improve  that  effectiveness. 

The  sales  representatives  see  only 


their  Toshiba  and  a  Windows  applica¬ 
tion  called  FieldTrack.They  dial  a  toll- 
free  number  once  or  twice  daily  to 
synchronize  the  data  they  collect  at 
each  stop  with  a  FieldTrack  database, 
via  Extended  Systems’  ExtendConnect 
middleware. 

Unique  Solutions  wrote  FieldTrack  as 
a  way  to  eliminate  paper  from  field  ser¬ 
vice  operations.  Unique  offers  the 
application  as  a  hosted  service  specifi¬ 
cally  designed  for  small  and  midsize 
merchandizing  service  companies. 

The  idea  was  a  sanity  saver,  Latham 
says. 

“We  had  stupidly  tried  to  write 
our  own  program  for  Palm  handhelds 
and  a  Lotus  Notes  database,  about 
three  years  ago,”  Latham  recalls.  The 

See  Latham,  page  28 


Cisco  adds  Gigabit  stackable  switches 


■  BY  PHIL  HOCHMUTH 

With  an  eye  toward  helping  corporate 
customers  add  faster  and  more  intelligent 
pipes  to  their  LANs,  Cisco  last  week  added 
a  new  version  of  its  stackable  aggregation 
switch  and  a  new  Gigabit  Ethernet  box  for 
desktop  links. 

The  Catalyst  3750G-12S  includes  12  fiber- 
based  Gigabit  ports  and  can  be  linked 
with  up  to  eight  other  3750  series  switches 
with  Cisco’s  StackWise  technology  creat¬ 
ing  a  high-speed  ring  of  switches.  The  24- 
port  Catalyst  2970G-24T  is  targeted  as  a 
LAN  edge  switch,  with  10/1 00/ 1 000M 
bit/sec  capabilities  and  quality  of  service 
on  all  ports. 

StackWise  technology  announced  in 
April  along  with  the  Catalyst  3750  series, 
lets  stackable  Gigabit  Ethernet  switches  be 
linked  in  a  32G  bit/sec  ring,  which  provides 
fast  failover  and  high-speed  uplinks  to 
wiring  closet  switches,  Cisco  says.  The 
Catalyst  3750G-12S  could  be  used  as  an 
aggregation  layer  switch,  connecting 
wiring  closet  boxes  to  a  LAN  core.  The 
switch  also  comes  with  Cisco’s  Cluster 
Management  Suite  software,  which  can  be 


Cisco's  Catalyst  3750G-12S  offers  fiber 
Gigabit  ports. 

used  to  configure,  manage  and  monitor 
StackWise  clusters. 

Catalyst  3750  switches  with  StackWise  are 
being  deployed  at  Portland  State  University 
in  Oregon,  where  20  of  the  stackable  boxes 
will  serve  as  the  school’s  aggregation  and 
backbone  layers.  The  ability  to  add  more 
switches  as  needed  was  the  reason  the 
school  chose  the  stackable  Cisco  technol¬ 
ogy  instead  of  a  chassis-based  core  prod¬ 
uct,  says  Jon  Snyder,  a  network  engineer  at 
the  university  He  adds  that  support  costs 
on  the  individual  3750s  will  be  much  less 
than  if  he  were  to  deploy  Catalyst  6500 
chassis  to  do  the  same  job. 

“Of  course,  you  can  do  more  with  a 
[Catalyst  6500] ,  but  for  our  purposes,  the 
[Catalyst]  3750s  were  the  best  choice,” 
he  says. 

The  Catalyst  2970G-24T  is  aimed  at 
wiring  closets  in  companies  looking  into 


Gigabit  to  the  desktop.  With  the  ability  to 
provide  three  speeds  of  Ethernet,  the 
switch  could  be  deployed  to  support 
10/100M  bit/sec  users  now, and  eventually 
Gigabit  Ethernet  desktop  users.  The  box 
also  comes  with  four  slots  for  adding 
Gigabit  uplink  insert  modules,  which  can 
be  fiber-  or  copper-based. 

Cisco’s  Catalyst  3750  line  competes  with 
3Com’s  Switch  4000  series  of  fixed-configu¬ 
ration  Gigabit  Ethernet  switches  and 
Nortel’s  BayStack  5000  all-Gigabit  boxes. 
3Com  has  its  Extendable  Resilient  Network 
architecture,  which  connects  Switch  4000s 
with  multigigabit  links  and  provides 
failover  of  Layer  3  routing  tables.  Nortel’s 
Flexible  Advanced  Stacking  Technology  is 
similar  technology  that  can  connect 
BayStack  5000s  with  up  to  20G  bit/sec  of 
total  bandwidth. 

The  Catalyst  3750G-12S  costs  $8,000.  The 
Catalyst  2970G-24TS  will  be  available  at 
the  end  of  this  month  for  $5,500.  ■ 
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IBM  recommends  Microsoft®  Windows®  XP  Professional  for  Business. 


Warranty  Information:  •  or  a  copy  of  applicable  product  warranties,  write  to:  Warranty  Information,  PO  Box  12195,  RTP,  NC  27709,  Attn:  Dept.  JDJA/B203.  IBM  makes  no  representation  or  warranty  regarding  third-party  products  or  services.  ’Prices  do  not  include  tax  or  shipping 
and  aie  subje-cr  to  cnange  without  notice  Reseller  prices  may  vary  Public  access  not  available  in  all  areas.  Access  lees  may  apply  'Requires  download  of  client  software.  'Based  on  IEEE  802.11b.  This  wireless  LAN  product  has  been  designed  to  permit  legal  operation  worldwide  in 
regions  m  which  it  is  approved  Operation  on  channels  12-14  is  not  permitted  in  all  regulatory  regions  ot  the  world.  Consequently,  the  wireless  LAN  feature  is  limited  to  operate  on  channels  1-1 1  and  will  not  support  channels  12, 13  and  14.  This  product  has  been  tested  and  certified 
to  be  interoperable  by  the  Wireiess  Ethernet  Compatibility  Alliance  and  is  authorized  to  carry  the  Wi-Fi  logo  ‘For  ThinkPad  and  NetVista  models  without  a  separate  video  card,  memory  supports  both  system  and  video.  Accessible  system  memory  may  be  up  to  64MB  less  than  the 
amount  stated  oe ;  *>'  v;g  on  video  mode  G8  1.000.000.000  bytes  when  referring  to  storage  capacity.  Accessible  capacity  is  less:  up  to  3GB  is  used  in  service  partition.  These  model  numbers  achieved  eTesting  Labs,  Inc.'s  BatteryMark"  4  01  or  the  Ziff  Davis  Media,  Inc.'s 
Business  Wmstone  2002  BatteryMark  Version  1  0  Battery  Rundown  Time  of  at  least  the  time  shown  This  test  was  performed  without  independent  verification  by  the  VeriTest  testing  division  of  Lionbridge  Technologies,  Inc  (“VeriTest")  or  Zift  Davis  Media  Inc  :  neither  Ziff  Davis 
Media  Inc  not  VeriTest  makes  any  representations  or  warranties  as  to  these  test  results  Wmstone  is  a  registered  trademark  and  BatteryMark  is  a  trademark  of  Ziff  Davis  Publishing  Holdings,  Inc.,  in  the  U  S.  and  other  countries  A  description  of  the  environment  under  which  the 
test  was  performed  is  ava,,..i  at  lOm  com  pc'mvWinkpact'batteryiite  Battery  life  (and  recharge  times)  will  vary  based  on  many  factors  including  screen  brightness,  applications,  features,  power  management,  battery  conditioning  and  other  customer  preferences  Includes  battery 
and  optional  nave  mm:  instr.ul  of  standard  optical  drive  in  Ultrabay  bay,  if  applicable:  weight  may  vary  due  to  vendor  components,  manufacturing  process  and  options.  Thinness  may  vary  at  certain  points  on  the  system  ‘Some  software  may  differ  from  its  retail  version  (it  available) 
and  may  not  include  user  mam.  ns  oi  an  program  functionality.  Software  license  agreements  may  apply.  Telephone  support  may  be  subject  to  additional  charges.  If  a  machine  is  listed  as  having  “Onsite  service  for  select  repairs"  or  "Limited  onsite  service."  this  means  that  onsite 
service  is  available  only  tor  the  lepiacement  of  select  parts  For  all  other  warranty  repairs.  IBM  will  provide  the  customer  a  replacement  part  for  customer  installation.  The  parts  for  which  onsite  service  is  available  varies  by  machine,  but  may  include  the  processor,  power  supply, 
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Take  off  to  parts  unknown  with  an  IBM  ThinkPad®  wireless  notebook. 
The  world’s  easiest  way  to  switch  between  wired  and  wireless. 

Wherever  you  want  to  work,  the  sky  is  the  limit  when  you  have  IBM  ThinkPad 
notebooks  with  Access  Connections  software  and  wireless  Intel®  Centrino™  mobile 
technology  (on  select  models).  Now  it’s  easier  than  ever  to  switch  between  wired  and 
wireless  networks  -  whether  you’re  at  an  airport,  the  office,  an  Internet  cafe,  even 
your  kitchen.1  So  consider  the  IBM  ThinkPad  wireless  notebook,  and  experience  a 
whole  new  level  of  wireless  possibilities.  thiflk  f  TGGClOm 
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Save  on  shipping.  Order  online." 


NEW!  IBM  ThinkPad  T40 

Distinctive  IBM  Innovations: 

•  Access  Connections  -  easiest  wired  and 
wireless  connectivity 

•  IBM  Embedded  Security  Subsystem  2.0' 

System  Features: 

•  Intel”  Centrino™  mobile  technology 

-  Intel  Pentium  M  processor  1.3GHz  supports 
Enhanced  Intel  SpeedStep '  technology' 

-  Intel”  PRO/Wireless  Network 
Connection  802.1 1  b3 

•  14.1”  XGA  TFT  Display  (1024x768) 

•  256MB  DDR  SDRAM  std/2GB  max4 

•  30GB  hard  drive5 

•  Ultrabay™  Slim  DVD-ROM 

•  6.1 -hr  battery  life6  •  5.6-lb  travel  weight' 

•  Microsoft  Windows  XP  Professional8 

•  1-yr  system/battery  limited  warranty5 
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ServicePac  Service  Upgrade:'" 

3-yr  Onsite  Repair/9x5/Next  Business 
Day  Response 
(#30L91 95)  s243 

NEW!  IBM  ThinkPad  R40 

Distinctive  IBM  Innovations: 

•  Access  Connections  -  easiest  wired  and 
wireless  connectivity 

•  IBM  Embedded  Security  Subsystem  2.0- 

System  Features: 

•  Intel®  Centrino™  mobile  technology 

-  Intel  Pentium  M  processor  1.3GHz  supports 
Enhanced  Intel  SpeedStep  technology" 

-  Intel®  PROAA/ireless  Network 
Connection  802.1 1  b5 

•  14.1"  XGA  TFT  Display  (1024x768) 

•  256MB  DDR  SDRAM  std/IGB  max 

•  20GB  hard  drive 

•  Ultrabay  Plus  CD-RW/DVD-ROM  combo  drive 

•  6.1 -hr  battery  life  •  5.6-lb  travel  weight 

•  Microsoft  Windows  XP  Professional 

•  1  -yr  system/battery  limited  warranty’ 
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ServicePac  Service  Upgrade:'" 

2-yr  Onsite  Repair/9x5/Next  Business 
Day  Response 
(#30L91 89)  *197 


heat  sink,  system  board  or  base  cover.  To  determine  the  complete  list  of  parts  for  which  onsite  service  is  available  for  a  particular  machine,  contact  IBM.  IBM  will  attempt  to  diagnose  and  resolve  any  problems  remotely  before  sending  a  replacement  part  or  technician.  "These  services 
are  available  for  machines  normally  used  for  business,  professional  or  trade  purposes,  rather  than  personal,  family  or  household  purposes.  Not  all  machine  types  and  models  are  covered.  Service  period  begins  with  the  equipment  date  of  purchase.  Service  must  be  purchased  during 
the  original  limited  product  warranty  period.  Service  levels  are  response-time  objectives  and  are  not  guarantees.  A  service  technician  is  scheduled  to  arrive  at  your  location  within  two  or  four  business  hours  or  the  next  business  day  (depending  on  service)  after  remote  problem 
determination  is  completed.  For  the  9x5x4-hour  service,  calls  dispatched  after  1:00  p.m.  local  time,  you  can  expect  the  service  technician  to  arrive  by  the  morning  of  the  next  business  day.  For  noncritical  service  requests,  a  service  technician  will  arrive  by  the  end  of  the  following 
business  day.  If  the  machine  problem  turns  out  to  be  a  Customer  Replaceable  Unit  (CRU).  IBM  will  express  ship  the  part  to  you  for  quick  replacement.  Onsite  24x7x2-hour  service  is  not  available  in  all  locations.  External  peripherals,  such  as  racks,  tape  drives  and  channel  controllers, 
require  their  own,  separate  service  coverage;  they  are  not  covered  under  the  attached  Machine.  Service  activation  is  required  immediately  following  purchase.  For  ThinkPad  notebooks  requiring  LCD  or  other  component  replacement,  IBM  may  choose  to  perform  service  at  the  depot 
repair  center.  For  failing  non-IBM  components,  customer  must  provide  replacement  part  unless  IBM  has  a  Technical  Support  Agreement  with  the  manufacturer.  Service  does  not  cover  accessories,  supply  items  and  certain  parts  such  as  batteries,  frames  and  covers  Standard 
shipping  included  when  you  order  online.  U.S.  only.  ’"With  Intel  SpeedStep,  processor  speed  may  be  reduced  to  conserve  battery  power.  IBM  reserves  the  right  to  alter  product  offerings  and  specifications  at  any  time,  without  notice  IBM  is  not  responsible  for  photographic  or 
typographic  errors.  All  IBM  product  names  are  registered  trademarks  or  trademarks  of  International  Business  Machines  Corporation  in  the  U.S.  and  other  countries.  Lotus  and  SmartSuite  are  registered  trademarks  of  Lotus  Development  Corporation,  an  IBM  Company.  Intel,  mte' 
Inside,  the  Intel  Inside  logo,  Celeron,  Intel  Centrino.  the  Intel  Centrino  logo  and  Pentium  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  U.S.  and  other  countries.  Microsoft  and  Windows  are  trademarks  or  registered  trademarks  of  Microsoft 
Corporation.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©  2003  IBM  Corp.  All  rights  reserved. 
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Beware  the  patent  office 


For  years  people  have  moaned  and 
groaned  about  the  goings-on  at  the 
U.S.  Patent  and  Trademark  Office,  espe¬ 
cially  in  the  high-tech  field. The  practice  of 
awarding  patent  protection  to  software  has 
been  reviled  almost  universally  (except  by 
the  patent  holders,  of  course). Think  of  the 
bad  press  Amazon.com  got  for  its  patent 
on  “one  click”  ordering  (see,  for  example, 
“Boycott  Amazon!”  at  www.nwfusion.com, 
Doc  Finder  7335). 

While  reform  of  the  USPTO  is  desirable, 
staffing  it  to  properly  handle  a  myriad  of 
technologies  and  a  deluge  of  applications 
would  cost  more  than  a  tax-avoiding  U.S. 
population  would  bear. Thoughtful  people, 


though,  always  have  felt  that  the  judiciary 
would  throw  out  the  most  egregious 
patents  should  anyone  ever  try  to  enforce 
them.  After  all,  the  first  defense  anyone 
would  make  against  patent  infringement 
would  be  that  the  patent  was  invalid, 
wouldn’t  it? 

Well,  they  try  to.  But  evidently  there  are 
judges  who  have  a  myopic  view  of  the 
USPTO  and  seem  to  believe  that  they 
wouldn’t  award  a  patent  if  it  weren’t  valid. 
One  of  these  is  District  Court  Judge  James 
Zagel  in  Chicago.  In  a  recently  decided 
case  brought  by  Eolas  Technologies  (a 
company  with  one  employee,  no  products 
but  a  handful  of  patents  and  more  than  100 
investors)  against  Microsoft,  the  judge 
twice  refused  to  let  the  Redmond  compa¬ 
ny  present  evidence  that  the  particular 
patent  was  invalid. 

Eolas  says  that  Microsoft’s  ActiveX  tech¬ 
nology  infringed  the  patent  (which  de¬ 
scribes,  in  part, “a  system  allowing  a  user  of 


a  browser  program  ...  to  access  and  exe¬ 
cute  an  embedded  program  object”)  that 
was  granted  in  1998  for  work  originally 
done  at  the  University  of  California.  If  the 
patent  is  valid,  then  the  claim  is  true. 

Microsoft  could  show  that  its  work  on 
what  became  ActiveX  began  in  the  1980s 
and  was  ready  to  call  an  independent 
third-party  witness  who  developed  simi¬ 
lar,  but  earlier,  technology,  also  at  the  Uni¬ 
versity  of  California.  Zagel  refused  to  let 
the  jury  hear  this  evidence  showing  the 
patent  was  invalid. 

It’s  hoped  that  the  appeals  court  will  be 
more  skeptical  of  the  USPTO,  but  then  we 
always  thought  that  a  district  judge  should 
be  able  to  recognize  an  invalid  patent.  We 
were  very  wrong,  and  we  should  be  very 
afraid.  Hundreds  of  patents  are  granted 
every  day.  Many  perhaps  most,  have  no  real 
commercial  application.  But  some  could 
alter  drastically  the  technology  landscape 
and  deeply  affect  your  pocketbook. 


I 


Site: 


Lessons  from  Leading  Users 


Latham 

continued  from  page  25 


synchronization  software  from  Ex¬ 
tended  Systems  worked  fine,  but  the 
PalmOS  at  the  time  lacked  the  features 
of  a  32-bit  platform  such  as  Microsoft 
PocketPC.  Worst  of  all,  Notes  proved 
unsuitable  as  the  data  store  because  it 
wasn’t  a  true  SQL  relational  database. 

Latham  was  getting  desperate,  investi¬ 
gating  interactive  voice-response  phones 
and  optical  character  readers  as  ways  to 
turn  data  around  quickly.  But  those 
options  limited  sales  representatives  to 
yes  or  no  responses. 

In  the  meantime,  the  representatives 
were  faxing  orders  and  written  reports  to 
headquarters  and  experimenting  with 
Handspring’s  Treo  device,  a  combination 
cell  phone  and  PDA. 

Latham  eventually  found  Unique. 
FieldTrack  gave  the  sales  team  most  of 
what  it  needed  and  a  centralized 
Microsoft  SQL  Server  database  that 
made  for  extensive  data  analysis.  Even 
more  important  for  the  hard-pressed 
Latham,  Unique  worked  closely  with 
their  clients. 

But  it  seemed  like  deja  vu  all  over 
again  when  the  first  rollout,  on  Casio 
FbcketPCs,  ground  to  a  halt  when  a 
memory  fault  plagued  the  handhelds. 
Seventy  of  nearly  1 00  of  the  devices  had 
to  be  sent  back,  and  Casio  took  60  to  90 
days  to  sort  things  out.  Latham  recalls. 
But  by  then,  he  had  had  enough  and 
switched  to  the  Toshiba  handhelds,  with 
a  bar  code  scanner  and  a  separate  HP 
digital  camera.  A  memory  card  lets  the 
representative  transfer  the  images  to  the 


SQL  Server 
database 


The  sales  team  at  Charles  Latham  Associates  relies  on  a  service  that 
offers  sales  automation  applications  developed  data  and  synchron¬ 
ization  software  for  wireless  handheld  computers.  The  service  lets 
the  company  get  fast,  more  accurate  measures  of  the  effectiveness 
of  the  sales  team  and  guide  decisions  on  how  to  improve  the  business. 


Retail  store 


1  FieldTrack  sales 


software 

Toshiba  PocketPC  •  Extended  Systems’ 
synch  client 
1  •  Bar  code  scanner 


ASP  hosted  service 


FieldTrack  server 
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Extended  Systems’ 
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Sales  rep  at  retailer  enters  data, 
scans  labels,  takes  digital  images,  j 


Daily  synchronizations  move  hand¬ 
held  data  to  hosted  database. 


Execs  view  reports,  data, 
images  within  24  hours. 


handheld  for  uploading. 

Sales  representatives  usually  synchro¬ 
nize  their  handhelds  once  a  day. 
Unique  has  eight  toll-free  T-l  lines  to  the 
hosted  site.  With  Extended’s  software, 
each  synchronization  takes  about  12  to 
14  minutes,  says  Andy  Fay,  Unique’s 
executive  vice  president.  Each  sales  rep¬ 
resentative  typically  uploads  10  to  15 
images  daily. 

So  far,  Latham  says,  he’s  spent  about 
$100,000  on  all  the  various  hardware 
and  software  elements,  and  another 
$100,000  for  the  ASP  service. 

“We're  starting  to  see  a  return  on  our 
investment,"  he  says.  Part  of  the  return  is 


in  getting  much  more  accurate  data, 
much  faster  than  ever  before.  “For  man¬ 
agers,  they  can  now  know  when  they 
have  a  problem  usually  within  24  hours, 
instead  of  having  to  wait  a  week,”  he 
says. 

Another  benefit  is  the  weekly  trend  an¬ 
alysis.  “We  can  evaluate  how  well  we 
executed  that  week,”  Latham  says. 

The  next  step  is  adding,  with  Unique, a 
complete  travel-and-expense  report  pro¬ 
gram,  followed  later  by  a  time-and-atten- 
dance  program.  “A  2%  reduction  in 
mileage  [reimbursements],  by  more 
precise  records,  can  pay  for  this  [sys¬ 
tem]  in  a  year,"  Latham  says.B 
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Kearns,  a  former  network  administrator, 
is  a  freelance  writer  and  consultant  in 
Silicon  Valley.  He  can  be  reached  at 
wired@  uquill.com. 


Tip  of  the  Week 


The  patent  under  dispute, 
No.  5,838,906,  can  be 
viewed  at  the  USPTO  Web 
site  (www.uspto.gov).  Re¬ 
member  that  you  under¬ 
stand  technology  in  ways 
the  patent  examiner  —  and 
especially  the  judge  —  do 
not.  Read  the  patent,  then 
write  your  congressman 
and  demand  patent  reform. 


Avaya  cabling 
makes  10G 
go  further 

■  BY  PHIL  HOCHMUTH 

Avaya  last  week  released  new  cabling 
products  aimed  at  helping  users  increase 
the  distances  between  10G  Ethernet 
devices. 

The  company  says  its  LazrSpeed  550 
structured  cabling  infrastructure  products, 
which  include  multi-mode  fiber  cabling, 
couplers  and  racks,  could  let  companies 
almost  double  the  range  of  10G  Ethernet 
signals  over  multi-mode  fiber  cabling. 

LazrSpeed  550  cabling  can  amplify  10G 
Ethernet  signals,  letting  them  reach  up  to 
about  1,800  feet,  up  from  the  standard  lim¬ 
itation  of  980  feet,  the  company  says. 

Most  of  the  IEEE’s  802.3ae  standard  for 
10G  Ethernet  calls  for  running  10G  over 
costly  single-mode  fiber,  with  distances  of 
up  to  40  miles.  These  specifications  were 
made  mostly  with  carriers  in  mind.  But  the 
standard  does  include  an  850nm  specifica¬ 
tion  for  running  10G  over  multi-mode  fiber 
—  the  fiber  cabling  commonly  installed  in 
many  organizations  to  support  FDDI  rings. 
Multi-mode  fiber  can  be  installed  for 
around  half  the  cost  of  single-mode, 
according  to  cabling  industry  experts. 

There  hasn’t  been  much  uptake  for 
Avaya s  10G  Ethernet  switch  products  —  it 
had  a  little  more  than  2%  of  the  10G  market 
in  2002, according  to  Synergy  Research.  But 
Avaya  is  the  leader  in  structured  cabling 
systems  in  the  U.S,  according  to  InfoTech. 
Avaya’s  connectivity  business,  which 
includes  structured  cabling  systems,  is  a 
legacy  business  left  over  from  before  the 
firm  split  off  of  Lucent.  While  emphasized 
as  a  growth  area  by  Avaya,  it  accounts  for 
around  12%  of  its  $3.2  billion  in  revenue.  ■ 
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mpowering  virtual  servers. 

Virtualized  data  center  servers  get  help 


■  BY  JENNIFER  MEARS 

Corporate  customers  are  looking  to  save  money  and 
boost  production  by  consolidating  workloads  onto 
single  servers. 

By  using  virtualization  technologies,  which  separate 
software  from  hardware  platforms,  users  can  eliminate 
multiple  physical  servers  and  get  the  processing  power 
they  need  from  fewer  boxes.  But  those  virtualized 
servers  need  to  communicate  with  each  other,  and  as 
such  new  technologies  likely  will  rise  to  speed  perfor¬ 
mance  and  ensure  security.  HP  IBM  and  Sun  all  have 
looked  at  or  developed  these  server-interconnection 
technologies.  Other  technologies  such  as  InfiniBand, 
the  high-speed  I/O  switching  fabric  and  10G  Ethernet, 
also  are  emerging. 

IBM  seems  to  be  the  furthest  along,  analysts  say. The 
company  developed  HiperSockets,a  technology  used  in 
its  z900  mainframe,  to  address  performance  issues.  And 
analysts  expect  technologies  like  it  will  become  more 
widely  deployed  as  data  centers  morph  into  on-demand 
environments  where  communication  and  resource  shar¬ 
ing  is  essential. 

HiperSockets  creates  a  virtual  LAN  (VLAN)  inside  a 
zSeries  mainframe.lt  is  microcode,  or  firmware,  that  uses 
TCP/IP  protocol  to  move  traffic  among  operating  system 
images,  allowing  for  memory-to-memory  communica¬ 
tion.  Because  it  uses  the  memory  bus  for  its  communica¬ 
tion  channel,  HiperSockets  allows  for  performance  that  is 
faster  with  less  latency  than  typical  external  network 
connections  such  as  Ethernet,  IBM  says. 

“Latency  turns  out  to  be  extremely  low,  a  plus  especial¬ 
ly  with  transactional  applications  that  would  have  to  wait 
for  network  turnaround  with  traditional  network  links,” 
says  Jim  Goethals,  IBM’s  zSeries  networking  manager.“ln 
this  scenario  there  is  hardly  any  turnaround  delay” 
Without  HiperSockets,  traffic  within  a  mainframe  would 
travel  over  external  network  paths  or  be  routed  via  an 
Open  Systems  Adapter  (OSA)-Express  card  among  parti¬ 
tions.  HiperSockets  takes  that  internal  OSA-Express  deliv¬ 
ery  a  step  further,  eliminating  the  OSA-Express  middle¬ 
man  and  enabling  memory-to-memory  communication 
among  applications. 

HiperSockets  replaces  physical  mainframe  I/O  channel 
devices  such  as  OSA-Express  —  IBM’s  mainframe  LAN 
adapter,  Enterprise  Systems  Connection  and  Fibre 
Channel. 

In  the  latest  release  of  IBM’s  zSeries,  the  zSeries  990, 
users  can  define  up  to  16  HiperSockets  LANs,  which  sup¬ 
ports  up  to  4,0%  virtual  servers  or  up  to  12,288  IP 
addresses. 

Called  a  “network  in  a  box”  by  IBM,  HiperSockets  orig¬ 
inally  was  introduced  to  reduce  the  external  gear 
needed  to  support  consolidated  workloads  on  a  main¬ 
frame  and  provide  a  highly  available,  high-speed  net¬ 
work  connection  among  combinations  of  virtual 
servers  and  logical  partitions.  Analysts  say  the  technol¬ 
ogy  will  come  in  handy  as  users  consolidate  work¬ 
loads  and  look  for  ways  to  improve  communication 
among  virtualized  servers. 

“The  advantage  comes  because  I  can  run  multiple 
operating  systems  on  there.  But  what  I'm  really  trying 
to  do  is  to  be  able  to  share  resources  or  have  some 


better  communication  among  things  because  they’re 
on  the  same  box  as  opposed  to  being  on  separate 
boxes,”  says  John  Phelps,  a  research  vice  president  at 
Gartner. 

In  addition,  IBM  executives  note  that  because  the  serv- 
er-to-server  communication  can  happen  within  the  main¬ 
frame,  bandwidth  on  external  LAN  backbones  is  freed 
up  to  increase  capacity  for  traffic  into  and  out  of  the 
mainframe.  Security  is  also  better,  they  say,  because  traffic 
never  leaves  the  mainframe  chassis.  Application  perfor¬ 
mance  also  is  improved  because  data  transfers  can  hap¬ 
pen  more  quickly  and  with  less  latency 

Most  companies  use  HiperSockets  to  link  middle-tier 
applications  running  on  Linux,  z/OS  or  z/VM  virtual 
servers.  More  and  more,  HiperSockets  is  playing  a  role  in 
linking  to  databases  and  transaction  applications. 

“The  more  independent  domains  or  partitions  or  little 
zones  of  work  you  have,  the  more  interconnected  they 
are,  the  bigger  the  payoff,” says  Jonathan  Eunice,  presi¬ 
dent  and  principal  analyst  at  llluminata. 


For  Boscov’s  Department  Stores,  running  Linux  on  an 
IBM  mainframe  meant  getting  rid  of  the  headaches 
associated  with  running  dozens  of  Windows  NT 
servers.  In  2001,  Boscov  consolidated  workloads  from 
more  than  40  NT  servers  to  Linux  virtual  servers  on  the 
IBM  z900. 

The  company,  which  operates  39  department  stores  in 
Pennsylvania,  Delaware,  Maryland,  New  York  and  New 
Jersey,  uses  HiperSockets  to  improve  performance  of 
applications  on  the  mainframe.  HiperSockets  connects 
Linux  instances  on  the  z/VM  side  of  the  z900  with  Cus¬ 
tomer  Information  Control  System  applications, Tivoli 
Storage  Manager  for  backing  up  data  and  the  Light¬ 
weight  Directory  Access  Protocol  server  on  the  z/OS 
side, says  Joe  Poole,  technical  director  at  Boscov’s  in 
Reading,  Pa. 

“If  one  side  of  the  z900  needed  contact  with  the  other 


side,  the  traffic  would  have  to  flow  out  through  the  net¬ 
work  to  get  there,”  Poole  says. 

"With  the  OSA  card  being  shared  by  both  z/OS  and 
z/VM,  that  traffic  takes  a  shortcut  and  is  routed  right  on 
the  card,”  he  says.“HiperSockets  [lightens  the  load]  on 
the  OSA  card,  and  traffic  flows  directly  from  z/VM  to 
z/OS  at  speeds  not  attainable  any  other  way” 

Looking  ahead,  Poole  says  he  plans  to  use  Hiper¬ 
Sockets  to  create  high-speed  connections  from  Linux 
instances  to  the  DB2  data  warehouse  running  on  the 
mainframe’s  z/OS  side.“Distributed  database  access  has 
never  been  faster’  he  says. 

HiperSockets  is  available  only  with  zSeries  main¬ 
frames,  but  IBM  executives  say  users  can  expect  to  see 
HiperSockets  integrated,  in  some  form,  into  other  IBM 
platforms. 

Analysts  say  they  wouldn’t  be  surprised  to  see  HPSun 
and  others  start  to  look  at  similar  technologies. 

Sun  introduced  a  VLAN  type  of  technology  called 
InterDomain  Networks  (IDN)  in  the  late  1990s  on  its 


StarFire  Enterprise  10000  servers.  IDN  enabled  high¬ 
speed  networking  between  domains,  or  partitions,  in 
the  server  using  standard  interfaces  such  as  TCP/IP 
Like  HiperSockets,  it  enabled  memory-to-memory 
communication. 

But  Sun  no  longer  offers  IDN  and  is  moving  away  from 
partitioning  operating  systems  into  multiple  images, says 
Don  Whitehead,  director  of  Sun’s  mainframe  rehosting 
group.  Instead,  the  Solaris  operating  system  will  use  “con¬ 
tainers,”  which  are  basically  isolated  applications  that 
share  one  operating-system  image. 

HP  says  its  focus  is  on  Remote  Direct  Memory 
Access  (RDM A),  which  enables  memory-to-memory 
communication  over  TCP/IP  RDMA  is  an  external  net¬ 
work  link  that  works  over  Ethernet.  Unisys  says  it  also 
is  looking  at  external  network  connectivity  for  its  parti¬ 
tioned  servers.  ■ 


Hyped  up 


IBM’s  HiperSockets  is  software  that  creates  a  virtual  LAN  inside  zSeries  mainframes.  The  idea 
is  to  move  traffic  directly  between  operating  system  or  database  images,  improving  application 
and  network  performance.  _ _ 


IBM  zSeries  mainframe 


HiperSockets  enables  fast,  direct  communications  through  a  firewall, 
between  logical  servers  and  other  resources  on  the  mainframe. 


LPAR  (logical  partition) 


HTTP  servers 


i  i  i  r 

Virtual  Linux  servers 


Multiple  servers  and  work¬ 
loads  can  be  consolidated 
and  defined  on  the  mainframe. 
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Hipersockets 


If  needed,  traffic  also  can  be 
directed  to  external  servers  via 
IBM’s  Open  Systems  Adapter. 
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Freedom  of  Choice  Comes  to  Wireless 

3Com's  modular  lineup  of  wireless  access  points  and  all-purpose  PC  Cards 
support  any  mix  of  WLAN  and  security  standards. 


Even  though  wireless  LANs 
have  been  available  for  years 
now,  many  enterprises  have 
shied  away  from  major 
implementations  for  a  number  of  rea¬ 
sons,  including  concerns  about  stan¬ 
dards,  security,  scalability  and  man¬ 
agement.  Nobody  wants  to  get  stuck 
with  technology  that  becomes  obso¬ 
lete  as  new  generations  emerge  or 
that  opens  the  door  to  intruders. 

3Com®  has  devised  a  wireless  LAN 
strategy  that  addresses  each  of  these 
concerns,  with  a  lineup  of  wireless 
products  that  support  all  existing 
WLAN  standards.  The  3Com  8200, 
8500  and  8700  Wireless  LAN  Access 
Points  use  a  modular  architecture  that 
allows  customers  to  upgrade  from  one 
wireless  standard  to  another  as 
requirements  dictate. 


802.11a  radio  and  the  8700  includes 
both  types  of  radios.  3Com  also  offers 
upgrade  kits  that  allow  users  to  add  any 
type  of  radio  -  802.1  la,  1 1  b  or  1 1  g  - 
to  any  of  the  modular  access  points. 
That  means  users  can  employ  any  type 
of  access  point  and  be  assured  they 
could  later  buy  an  upgrade  kit  to 
address  future  requirements. 

A  single  3Com  Wireless  PC  Card  sup¬ 
ports  all  three  IEEE  802.1 1  wireless  net¬ 
working  standards,  enabling  a  client 
machine  to  connect  to  any  type  of  WiFi 
network.  The  WiFi-certified  card  comes 
with  3Com's  award-winning,  patented 
XJACK®  antenna,  which  retracts  inside 
the  card,  so  it  won't  break  off  when 
users  store  their  computers  in  travel 
cases.  The  XJACK  antenna  also  helps 
preserve  battery  life  because  it  draws 
power  only  when  extended. 


tion  with  RADIUS  server  authentica¬ 
tion  support  using  MD5  and  the 
Extensible  Authentication  Protocol 
(EAP),  including  EAP-TLS,  PEAP  and 
EAP-TTLS. 

To  protect  data  in  transit,  3Com  sup¬ 
ports  a  number  of  encryption  algo¬ 
rithms,  including  128-bit  Advanced 
Encryption  Standard,  and  Wireless 
Equivalent  Privacy  (WEP)  RC4  40/64- 
bit,  128-bit  and  154-bit  shared-key 
encryption. 

To  ensure  good  performance,  3Com 
access  points  and  PC  Cards  include 


3Com  on  Campus 


Naturally,  3Com  access  points  and 
PC  Cards  support  the  top  speeds 
allowed  by  each  wireless  standard  -  up 
to  54  Mbps  for  802.1 1  a  and  802.1 1  g, 
or  108  Mbps  in  turbo  mode,  which 
combines  the  throughput  of  two 
channels. 

MAKING  WIRELESS 
MANAGEABLE 

Using  the  Wireless  LAN  Manager, 
administrators  can  create  profiles 
with  the  specific  wireless  LAN  settings 
that  each  user  requires,  depending 


MODULAR 

SOLUTIONS 

With  3Com's  modular 
approach,  users  can  sup¬ 
port  any  mix  of  wireless 
standards  (see  table). 
3Com  offers  three  base 
models  of  access  points: 
the  3Com  Wireless  LAN 
Access  Point  8200 
includes  an  802.11b 
radio,  while  the  model 
8500  includes  an 
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SECURE,  RELIABLE 
AND  FAST 

3Com  likewise  supports 
a  suite  of  security  stan¬ 
dards,  enabling  cus¬ 
tomers  to  match  the  level 
of  security  to  their  specific 
requirements.  To  protect 
against  unauthorized  net¬ 
work  access,  the  PC  Card 
and  access  points  support 
WiFi  Protected  Access 
(WPA),  the  next-genera¬ 
tion  WiFi  security  stan¬ 
dard,  802.1  x  authentica- 


3Com  wireless  LAN  access  points 
and  1  ia/b/g  Wireless  PC  Card  with 
patented  XJACK  antenna  give  cus¬ 
tomers  the  ultimate  in  flexibility 
along  with  performance,  security 
and  management. 


"Our  3Com  wireless  solution  enables  us  to  extend 
research  and  scholarship  beyond  the  classroom  into  vir¬ 
tually  every  corner  of  our  campus.  Using  their  access 
points,  we're  delivering  anytime,  anywhere  connectivity 
simply  and  securely  —  for  thousands  of  dollars  less  than 
an  equivalent  wired  solution. " 

Vedat  Gunay,  associate  director  of  information  technology  services, 
State  University  of  West  Georgia. 


features  such  as  autonomous  load  bal¬ 
ancing,  ensuring  users  always  connect 
to  the  access  point  that  offers  fastest 
throughput,  and  dynamic  rate  shift¬ 
ing,  which  adjusts  connection  speed 
to  changing  traffic  and  environmental 
conditions. 

Like  many  other  3Com  products,  the 
access  points  support  Power  over 
Ethernet,  enabling  the  same  Category 
5  cable  that  connects  the  access  point 
to  the  network  to  supply  its  power. 
That  simplifies  installation  and  offers 
more  choices  in  mounting  options. 


WLAN  Standards  at  a  Glance 


Standard 

Speed 

Range 

(meters) 

Frequency 

Compatible 

Standard 

Comments 

802.11a 

54  Mbps,  or 
108  Mbps  in 
turbo  mode 

50 

5  GHz 

None 

Operates  on  a  low-interference  channel,  but  with  limited 
coverage.  Good  for  customers  with  dense  user  base. 

802.11b 

11  Mbps 

100 

2.4  GHz 

802.1 1g 

The  most  widely  deployed  wireless  standard,  802. 1 1  b 
has  a  high  degree  of  multivendor  interoperability  but 
operates  in  the  crowded  2.4GHz  spectrum  and  has  a 
relatively  slow  top  speed. 

802.1 1g 

54  Mbps,  or 
108  Mbps  in 
turbo  mode 

100 

2.4  GHz 

802.11b 

Higher  speed,  but  still  compatible  with  the  millions  of 
installed  802.11b  products.  Faces  same  spectrum  issues 
as  802.11b. 

on  where  they  need  to  connect  from. 
As  users  change  location,  they  mere¬ 
ly  click  on  an  icon  for  the  new  loca¬ 
tion  to  configure  the  card. 

3Com  also  supports  management 
standards  including  SNMP,  enabling 
a  3Com  wireless  network  to  be  man¬ 
aged  alongside  a  wired  network  from 
platforms  including  the  3Com 
Network  Supervisor  and  HP 
OpenView.  Using  an  embedded  Web 
server  browser,  customers  can  config¬ 
ure  parameters,  run  diagnostics  and 
monitor  performance  of  the  wireless 
LAN  from  anywhere  on  the  network. 

The  3Com  wireless  LAN  story  is  all 
about  freedom  of  choice.  Whether  it's 
choosing  the  wireless  LAN  standard 
that  best  fits  your  environment  now  - 
knowing  you  can  upgrade  if  require¬ 
ments  change  -  or  the  mix  of  authen¬ 
tication  protocols  and  encryption 
standards,  even  the  management 
platform,  3Com  offers  options  to 
match  most  any  enterprise  require¬ 
ment.  In  short,  3Com  has  eliminated 
the  roadblocks  to  widespread  enter¬ 
prise  wireless  LAN  deployments. 


Learn  More  About  3Com  Download  the  free  3Com  white  paper,  "Deploying  802.11  Wireless  LANs. 

Wireless  Network  Solutions  Visit:  http://www.nwfusion.com/goAWLAN1 


WHO  HAS  BUILT  MORE  THAN 
2800  INDUSTRIAL-STRENGTH 
NETWORKS  IN  204  COUNTRIES? 


Extreme  Networks. 

We  are  a  global  pioneer  in 
developing  networking 
infrastructure  for  IP-based 
applications  in  the  large 
enterprise  and  metro 
service  provider  markets. 

We  see  a  world  emerging 
where  all  electronic 
communications  flow  over 
Ethernet  and  IP.  Anticipating 
the  millions  of  connections 
your  network  will  support, 
we  deliver  a  Business 
Optimized  Infrastructure  that 
provides  explosive  scalability, 
eliminates  capacity  issues 
and  enhances  application 
performance  at  the  lowest 
total  cost  of  ownership. 

To  learn  more,  visit 
extremenetworks.com/boi.htm 
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Revolutionary  retailing 

German  supermarket  uses  wireless,  RFID  to  run  business. 


Flamenco  revs 
Web  services 
management 
platform 

■  BY  JOHN  FONTANA 

Flamenco  Networks  next  month  is 
scheduled  to  unveil  the  next  version  of  its 
Web  Services  Management  platform, 
which  provides  corporate  customers  with 
the  means  to  control  and  secure  XML- 
based  network  traffic. 

WSM  4.0  is  a  distributed  platform  that 
consists  of  two  primary  components, 
a  controller  and  a  set  of  proxies.The  con¬ 
troller  monitors  and  manages  Web  ser¬ 
vices  traffic  using  data  collected  from 
proxies,  which  run  on  Windows,  Linux  or 
Sun  Solaris.  The  proxies  are  configured 
to  support  a  variety  of  security  functions 
such  as  authentication,  authorization, 
policy,  encryption,  digital  signatures 
and  non-repudiation  for  Web  services 
applications. 

In  WSM  4.0,  Flamenco  says  it  has  rewrit¬ 
ten  its  proxies  in  C  and  C-h-  to  increase 
performance.  Previously  the  proxies  were 
written  in  Java,  which  will  continue  to  be 
supported  but  is  being  phased  out.  The 
See  Flamenco,  page  34 


Takes 

■  Network  Associates'  McAfee 
Security  division  unveiled  its  Spam- 
Killer  line  of  anti-spam  appliances 
that  can  be  configured  to  block  unso¬ 
licited  e-mail  using  rules-based  scan¬ 
ning  and  scoring.  The  three  models 
are  the  $1,700  SpamKiller  e250, 
which  can  filter  25,000  Simple  Mail 
Transfer  Protocol  messages  per 
hour;  SpamKiller  e500,  which  costs 
about  $7,700  and  can  filter  40,000 
SMTP  messages  per  hour;  and 
SpamKiller  elOOO,  which  costs  about 
$12,600  and  can  filter  60,000  SMTP 
messages  per  hour. 

■  Sygate  has  beefed  up  its  security 
software  making  it  possible  to  secure 
all  endpoints  on  a  network  — 
servers,  desktops,  via  remote  access 


■  BY  JOHN  BLAU 

Imagine  a  transponder  tagged  to  a  bottle 
of  shampoo  tracking  its  whereabouts  in  a 
supermarket,  or  a  “smart”  shelf  informing 
staff  to  replenish  the  selection  of  cream 
cheese,  or  a  mini-PC  attached  to  the  shop¬ 
ping  cart,  letting  shoppers  scan  their  own 
purchases,  call  up  bargains  and  navigate 
the  store. 

No,  these  gizmos  aren’t  science  fiction; 
they’re  cutting-edge  IT  retailing  systems 
that  are  being  tested  in  a  supermarket  in 
Rheinberg,  Germany  The  store  is  serving  as 
a  retail  laboratory  for  its  owner,  Metro,  with 
about  40  hardware  and  software  partners 
from  around  the  globe.  And  it’s  raising 
some  eyebrows  in  the  industry 

The  collection  of  applications  in  Metro’s 
Future  Store  initiative  aims  to  boost  store 
efficiency  through  such  improvements  as 
enabling  targeted  marketing  and  ending 
long  queues. 

Not  everything  in  the  Future  Store  will 
find  its  way  into  the  market.  After  all,  this  an 
experimental  store,  but  it’s  one  that  involves 
real  customers  using  real  technology  in  real 
time.  And  it’s  run  by  the  fifth-largest  retailer 
in  the  world,  with  2,300  stores  in  26  coun¬ 
tries  and  sales  of  $54  billion  in  2002. 


or  on  the  LAN  —  by  making  sure  they 
are  compliant  with  corporate  security 
policies  Sygate  Secure  Enterprise 

3.5  software  can  deny  or  restrict  use 
of  corporate  networks  by  any  machine 
running  a  Secure  Enterprise  agent. 
Agents  check  whether  machines  have 
the  proper  operating  system  configu¬ 
rations,  appropriate  patches  and  secu¬ 
rity  applications  such  as  firewalls, 
anti-virus  and  intrusion  detection. 
Devices  that  come  don’t  comply  with 
the  policies  can  be  monitored,  blocked 
from  network  access  or  referred  to 
update  servers.  Another  new  feature 
with  the  3.5  release  called  Policy 
Arbitration  lets  an  individual  user  con¬ 
trol  what  other  machines  can  access 
on  his  machine.  The  software  is  com¬ 
patible  with  Windows  operating  sys¬ 
tems  from  Windows  95  through 
Windows  Server  2003.  Version  3.5  ships 
now  and  costs  $15  to  $70  for  a  single 
seat,  depending  on  the  features 
enabled. 


Even  hardened,  retail  technology  execu¬ 
tives  acknowledge  that  the  prospect  of  test¬ 
ing  and  refining  multiple  technologies  in  a 
retail  setting  is  enough  to  make  their  hearts 
pound.“This  is  a  unique  IT  retailing  experi¬ 
ment,  and  we’re  glad  to  be  a  part  of  it,”  says 
Dimitris  Nikolatas,  product  manager  of 
Cisco.  Cisco  is  providing  a  lot  of  the  hard¬ 
wired  and  wireless  IP  infrastructure,  includ¬ 
ing  a  content  delivery  platform  that  broad¬ 
casts  audio  and  video  content  and  data  to 
any  number  of  delivery  points. 

Leading-edge  technology 

Of  all  the  technologies  being  tested,  two 
stand  out:  wireless  and  radio  frequency  ID 
(RFID).  The  two  are  linked  to  just  about 
every  new  technical  gadget  being  tested  in 
the  store. 

The  4,000-square-foot  building  is  covered 
by  a  wireless  LAN  (WLAN),  based  on  the 
802.11b  standard.  The  network  links  all 
mobile  devices,  such  as  personal  shopping 
assistants  (PSA)  and  PDAs,  and  some  sta¬ 
tionary  devices,  such  as  electronic  shelf 
labels  (ESL),  checkout  points  and  flat- 
screen  displays  for  product  promotion. 

The  PSA  is,  essentially  a  mini-computer 
attached  to  the  shopping  cart  and  linked 
directly  to  the  WLAN.  Manufactured  by 
Wincor  Nixdorf  International,  the  PC 
includes  a  touchscreen  with  an  integrated 
scanner  that  lets  shoppers  scan  their  pur¬ 
chases  for  quick  payment  at  the  checkout 
point.  Purchase  data  is  transmitted  over  the 
WLAN  to  the  checkout  terminal.  Shoppers 
give  the  clerk  their  reference  number 
assigned  by  the  PSA  and  pay  without  emp¬ 
tying  the  shopping  carts. 

Store  employees  are  equipped  with  PDAs. 
The  Future  Store  is  testing  HP’s  iPaq  5450 
and  3970  models  and  Symbol  Tech¬ 
nologies’  PDT-8100.  The  handheld  devices 
run  Windows  Pocket  PC  operating  system. 

Linked  to  the  WLAN,  the  PDAs  let  employ¬ 
ees  check  inventory  or  reorder  goods  by 
accessing  Metro’s  merchandise  manage¬ 
ment  system  and  from  anywhere  in  the 
store.The  next  phase  of  development  calls 
for  the  PDAs  to  receive  “soft  phone”  fea¬ 
tures,  letting  staff  make  calls  in  addition  to 
sending  messages  or  downloading  infor¬ 
mation,  according  to  Nikolatas.The  service 
will  be  based  on  voice-over-IP  technology, 
as  are  all  other  hardwired  and  wireless  in¬ 
store  communication  systems. 

While  ESL  technology  isn’t  entirely  new 
(the  technology  has  been  around  for 
almost  a  decade),  its  prohibitive  cost  had 


a  reality 


Tracking  goods 

Pallets  and  boxes  are  tagged  at 
Metro’s  distribution  center  in 
Essen,  Germany,  and  recorded  as 
they  pass  through  a  gate  in  the 
Future  Store.  The  system  is  de¬ 
signed  to  provide  real-time  infor¬ 
mation  on  warehouse  shipments 
and  shop-floor  inventory  levels. 


prevented  widespread  use. 

Almost  all  the  products  in  the  Future 
Store  have  electronic  labels.  These  labels 
receive  price  information  directly  from  the 
merchandise  management  system  via  the 
radio  network  using  base  stations  in  the 
ceiling.  Price  information  is  transmitted 
simultaneously  to  the  shelf  and  checkout 
point  to  avoid  price  differences  because  of 
erroneous  labeling.  The  price  labels  are 
equipped  with  an  easy-to-read  digital  LCD, 
battery  and  radio  receiver. 

One  of  the  most  talked-about  technical 
novelties  of  the  Future  Store  is  RFID.  It’s  a 
See  Stores,  page  34 
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The  Minnesota  Public  Utilities  Com¬ 
mission  knows  it  knows  more  than 
you  do.  It  knows  what  telephone  ser¬ 
vice  is,  and  woe  be  you  if  your  definition  is 
different  than  its  because  the  commission 
has  the  law  on  its  side. 

The  group  recently  concluded  that  at 
least  one  voice-over-internet  service  is 
actually  a  telephone  service  deserving  of 
regulation  rather  than  yet  another  informa¬ 
tion  service  running  over  the  Internet.  In 
case  you  did  not  know  already,  using  the 
words  “regulation”  and  “innovation”  in  the 
same  sentence  is  a  challenge. 

It  seems  that  someone  at  the  Minnesota 
Department  of  Commerce  saw  an  ad  for 


Protecting  the  public  from  innovation 


Vonage,  a  voice-over-IP  provider,  thought  it 
looked  a  lot  like  an  ad  from  a  telephone 
company  and  complained  to  the  PUC. 
Ostensibly  the  Commerce  Department  was 
worried  that  Vonage  did  not  do  the  right 
thing  when  it  came  to  supporting  911 
emergency  calls.  A  spokesperson  for  the 
Commerce  Department  was  quoted  as  say¬ 
ing  that  Vonage  should  not  be  permitted  to 
operate  in  Minnesota  if  its  91 1  implemen¬ 
tation  was  not  up  to  standards.  And,  by  the 
way  Minnesota  has  a  bunch  of  taxes  that 
apply  to  phone  services,  and  the  state  is 
involved  in  setting  the  rates  for  phone 
services. 

There  are  a  number  of  intertwined  issues 
here: 

•  91 1  services  depend  on  knowing  where 
someone  is.  This  is  easy  when  there  is  a 
dedicated  wire  for  the  phone  service,  hard 
to  impossible  when  someone  can  plug  the 
phone  into  any  Internet  connection  any¬ 
where  in  the  world. 


•  Even  if  Vonage  could  tell  the  emer¬ 
gency  folks  exactly  where  the  caller  is,  it 
would  not  be  compatible  with  the  emer¬ 
gency  systems  because  they  depend  on 
receiving  a  phone  number  that  they  look 
up  in  a  database  to  find  a  street  address. 

•  Vonage  does  not  advertise  that  it  pro¬ 
vides  91 1  service  (but  it  does  seem  to  have 
some  way  to  provide  something  like  it), so 
should  the  company  be  required  to  pro¬ 
vide  something  it  does  not  advertise? 

•  When  does  a  voice  interaction  applica¬ 
tion  become  a  phone  service  —  is  voice- 
enabled  instant  messaging  a  phone  service 
that  needs  to  support  911? 

•  How  much  of  this  is  actually  the  regu¬ 
lators  trying  to  protect  the  incumbent 
phone  companies  and  the  revenue 
streams  from  them? 

When  there  was  only  one  phone  com¬ 
pany  in  any  an  area,  there  might  have  been 
a  good  reason  for  the  regulators  to  define 
what  services  that  phone  company  had  to 


offer  and  at  what  price.  But  because  the 
Internet  lets  an  infinite  number  of  compa¬ 
nies  and  individuals  offer  the  equivalent  of 
phone  service  in  the  same  area,  is  the  reg¬ 
ulation  still  needed  to  protect  the  con¬ 
sumer?  Real  competition  between  pro¬ 
viders  pushes  innovation  and  lowers 
prices. Somehow  I  don’t  think  it’s  likely  that 
regulations  from  the  PUC  will  have  the 
same  effect. 

Maybe  these  regulators  should  insist  on 
truth  in  advertising, such  as  requiring  ads  to 
say  that  91 1  is  not  provided,  and  let  custo¬ 
mers  decide  what  they  want.That  seems  to 
work  in  many  other  areas. 

Disclaimer:  I’m  sure  Harvard  trains  some 
regulators;  1  hope  they  are  not  as  good  at 
ignoring  the  interest  of  consumers.  But  the 
above  is  my  observation. 

Bradner  is  a  consultant  with  Harvard 
University’s  University  Information  Systems. 
He  can  be  reached  at  sob@sobco.com. 
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technology  that  is  high  on  the  priority  list  of 
Metro  and  other  big  European  retailers, 
such  as  Tesco  in  the  U.K.  and  Carrefour  in 
France,  not  to  mention  the  European 
Central  Bank,  which  is  struggling  to  stem 
the  flood  of  counterfeited  euros. 

But  RFID  also  has  been  deeply  criticized 
by  privacy  advocates,  such  as  Consumers 
Against  Supermarket  Privacy  Invasion  and 
Numbering.  The  group  worries  that  such 
technology  could  create  an  Orwellian 
world  where  sales  clerks  or  law  enforce¬ 
ment  officials  could  read  the  contents  of  a 
handbag  with  the  wave  of  a  wand.  Con¬ 
sumer  concerns  about  RFID  have  prompt¬ 
ed  Wal-Mart  to  scale  back  ambitious  plans 
for  deploying  the  smart-tag  technology. 

Privacy  issues  aside,  RFID  systems  have 
come  a  long  way  from  their  origins  in 
World  War  II  when  the  U.S.  government 
used  transponders  to  distinguish  friendly 
aircraft  from  enemy  aircraft.  Today  they’re 
being  used,  albeit  in  limited  numbers 
because  of  the  cost  of  manufacturing  the 
chips,  for  delivering  packages,  handling  lug¬ 
gage  and  monitoring  highway  tolls. 

A  typical  RFID  tag  contains  a  computer 
chip  and  an  antenna.  Unlike  bar  codes, 
which  need  to  be  scanned  manually  and 
read  individually,  RFID  tags  don’t  require 
line-of-sight  reading. So  it’s  possible  to  read 
hundreds  of  tags  a  second. 

Moreover,  when  stimulated  by  a  radio  sig¬ 
nal,  the  chip  transmits  a  unique  code  to 
identify  the  product  to  which  the  tag  is 
fixed. Hi  is  unique  identifier  carries  not  only 
the  product’s  universal  product  code  as  bar 
codes  currently  do,  but  also  gives  that  item 
its  own  unique  identification.  For  example, 
instead  of  a  bar  code  saying: "This  is  a  box 
of  Brand  X  detergent,”  the  RFID  chip  says: 
“This  is  box  No.  12345  of  Brand  X.” 

If  the  difference  is  subtle,  the  potential  is 


A  huge  challenge,  says 
Gerd  Wolfram,  project 
manager  of  the  Future 
Store,  is  managing  the 
data  generated  from  the 
movement  of  tagged 
products. 

huge.  For  instance,  a  retailer  quickly  could 
trace  and  remove  a  bad  lot  of  canned 
goods. 

Metro  is  using  two  types  of  RFID  technol¬ 
ogy  in  the  store:  one  operates  at  the  13.65- 
MHz  high-frequency  range;  the  other  uses 
the  900-MHz  to  1000-MHz  UHF  band.  The 
high-frequency  RFID  technology  is  used  to 
track  individually  tagged  items  within  a  5- 
foot  range  inside  the  store.The  UHF  version 
tracks  pallets  and  boxes,  and  can  read  at  a 
distance  of  up  to  22  feet. 

A  new  system  being  tested  in  the  Future 
Store  involving  RFID  tags  is  the  “smart 
shelf.”  Tagged  on  shelves  with  embedded 
readers  that  communicate  with  the  mer¬ 
chandise  management  system  via  the 
WLAN. The  shelves  recognize  when  tagged 
goods  are  removed  or  replaced,  and  report 
the  movement  of  goods  to  the  system.  A  big 
advantage  is  that  the  shelves  trigger 
requests  for  fresh  supplies. 

Another  RFID  application  under  testing  is 
delivery  Pallets  and  boxes  are  tagged  at 
Metro’s  distribution  center  in  Essen,  Ger¬ 
many,  and  recorded  as  they  pass  through  a 
gate  in  the  Future  Store.  The  system  is 
designed  to  provide  real-time  data  on  ware¬ 
house  shipments  and  inventory 
A  huge  challenge, says  Gerd  Wolfram, pro¬ 
ject  manager  of  the  Future  Store,  is  manag¬ 


ing  the  data  generated  from  the  movement 
of  tagged  products.  SAP  is  testing  an  RFID 
inventory  control  system  aimed  at  con¬ 
necting  every  piece  of  RFID  technology  to 
the  company  Intel,  together  with  SAP  is  a 
principal  technology  partner  behind  the 
Metro  pilot,  provides  the  technology  to 
crunch  the  these  numbers. 

If  RFID  tags  replace  bar  codes,  Metro  fore¬ 
sees  PSAs  and  checkout  counters  being 
equipped  with  tag  readers.  Readers  inte¬ 
grated  in  the  PSAs  automatically  would  reg¬ 
ister  what  shoppers  have  in  their  carts. 

Of  the  Future  Store’s  nearly  40,000  prod¬ 
ucts,  only  around  30  carry  individual  tags, 
including  razor  blades  from  Gillette,  cheese 
from  Kraft  Foods  and  shampoo  from 
Procter  &  Gamble. 

The  day  when  RFID  tags  replaces  bar 
codes,  however,  could  be  several  years 
away  Wolfram  says.The  price  of  the  chip,  he 
says,  is  a  big  factor. “The  current  chips  cost 
between  30  cents  and  60  cents,”  he  says. 
“For  us  to  deploy  RFID  chips  economically 
the  price  will  have  to  come  down  to 
around  2  cents.” 

If  the  price  of  manufacturing  RFID  chips 
is  a  concern  now,  the  issue  of  privacy  could 
prove  a  potential  drawback.  In  April,  fash¬ 
ion  retailer  Benetton  Group  postponed 
plans  to  roll  out  RFID  tags  in  one  of  its 
clothing  outlets  after  protests  from  privacy 
groups.  Philips  has  responded  to  these 
growing  fears  by  implementing  a  new  fea¬ 
ture  into  its  tags  that  disables  them  at  the 
point  of  sale.  Gillette  also  says  its  use  of 
RFID  tags  is  to  improve  supply-chain  man¬ 
agement  efficiency,  and  says  its  focus  is  on 
tracking  pallets  and  cases,  not  customers. 

Metro  is  aware  of  the  privacy  concerns 
linked  to  RFID,  Wolfram  says,  and  will  do 
what  is  necessary  to  ensure  that  con¬ 
sumers’  privacy  rights  aren’t  violated. 

Blau  is  a  correspondent  with  the  IDG 
News  Service’s  bureau  in  Dusseldorf, 
Germany. 
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servlet-based  proxies  are  being  replaced 
with  a  protocol  engine  that  utilizes  an 
embedded  real-time  database. 

Flamenco  also  has  added  what  it  calls  a 
“shock  absorber,”  which  is  designed  to 
ease  upgrades  to  the  proxies  as  various 
Web  services  protocols  mature,  such  as 
the  recent  upgrade  from  Version  1.1  to  1.2 
of  the  Simple  Object  Access  Protocol 
(SOAP).  The  proxies  can  be  updated  on 
the  fly  without  missing  any  SOAP  mes¬ 
sages  or  having  to  reboot. 

The  company  also  has  added  support 
for  WS-Security  which  IBM  and  Microsoft 
developed  and  has  become  the  de  facto 
security  standard  for  Web  services.  The 
Organization  for  the  Advancement  of 
Structured  Information  Standards  is  final¬ 
izing  the  specification. 

“In  order  to  build  /eal  Web  services 
beyond  point-to-point  integration  they 
need  to  be  managed,”  says  Ron  Schmel- 
zer.an  analyst  with  ZapThink. 

Schmelzer  says  Web  services  manage¬ 
ment  products  from  Flamenco  and  com¬ 
petitors  such  as  AmberPbint,  Actional, 
Confluent  and  others  are  starting  to 
mature.  He  says  support  for  WS-Security 
should  be  contained  in  management 
products  that  must  secure  access  to  Web 
services.  Schmelzer  says  the  shock 
absorber  should  help  shield  users  from 
the  evolving  lineup  of  Web  services 
protocols. 

WSM  4.0  comes  in  an  Enterprise  Edition 
for  corporate  deployment  and  a  SP 
Edition  for  service  providers. 

Pricing  for  WSM  4.0  starts  at  $100,000. 
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Finally,  a  company  that  talks  big  and 
works  bigger.  A  company  that  talks  ROI 
and  actually  delivers.  A  company  that 
provides  real  business  value  you  can 
measure.  A  network  solutions  and 
services  provider  called  NextiraOne. 


At  NextiraOne,  we  bring  clarity  to  your 


complex  communications  networks. 


Planning,  designing,  implementing, 


supporting  and  managing.  For  voice. 


data  and  converged  infrastructures 


In  the  United  States  or  around  the 


world.  You  name  it,  we  do  it  -  with 


world-class  results 


www.NextiraOne.com  (888)  398-0547 


WE'RE  NOT  HERE  TO  TELL  YOU 
THAT  ANTI-VIRUS  AND 
FIREWALLS  AREN'T  ENOUGH. 

THAT'S  WHAT  WORMS  ARE  FOR. 


Dynamic  Threat  Protection.  The  most  complete  protection  available. 
Most  large-scale  Internet  attacks  completely  bypass  firewalls  and  anti-virus.  We  stop  these 
threats  cold.  How?  Simple.  We  are  #1  in  the  world  for  security  intelligence  and  threat  protection 
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technology.  We  deliver  the  fastest,  most  accurate  detection,  prevention  and  response  solution. 
We  call  it  Dynamic  Threat  Protection.  Visit  us  at  www.iss.net/iss-nww  or  call  800-776-2362. 


INTERNET 

Security 

Systems 


www.nwfusion.com 


8/25/03 


NetworkWoridTTg 


HE 

WIRELESS 


I  EXTRANETS  ■  INTEREXCHANGES  AND  LOCAL  CARRIERS 
REGULATORY  AFFAIRS  ■  CARRIER  INFRASTRUCTURE  DEVELOPMENTS 


Spam  fighters  redouble  their  forces 


NaviSite  lures  spam  haters  with  managed  service. 


Messaging  security  services  vendor  lands  funding. 


■  BY  JENNIFER  MEARS 

John  Knapp,  executive  vice  president  at 
Producers  Assistance,  a  personnel  compa¬ 
ny  in  Houston  that  serves  the  energy  indus¬ 
try,  was  ready  to  give  up  on  e-mail. 

“I  was  getting  200  spam  messages  a  da^’ 
Knapp  says.“It  was  uncontrollable.” 

He  wanted  to  filter  out  the  spam,  but  was¬ 
n’t  happy  about  the  prospect  of  having  to 
implement  and  manage  anti-spam  soft¬ 
ware.  Instead,  he  signed  up  for  a  hosted  ser¬ 
vice  from  his  messaging  application  ser¬ 
vice  provider  Interliant,  which  offers  a 
managed  spam-blocking  and  virus-detec¬ 
tion  service  through  its  partner,  Fbstini. 

Managed  infrastructure  company  Navi- 
Site,  which  acquired  Interliant  and  its 
spam-  and  virus-blocking  service  earlier 
this  year,  expects  other  companies  to  fol¬ 
low  Knapp’s  lead.  Last  week,  NaviSite  an- 


■  Managed  hosting  firm 
Rackspace  this  week  is  expected  to 
unveil  a  new  security  service  to 
combat  distributed  denial-of-service 
attacks.  PrevenTier  monitors  all 
traffic  entering  Rackspace’s  network 
with  a  combination  of  proprietary 
intrusion-detection  technology  and 
commercially  available  products. 
PrevenTier  can  handle  more  than  30 
million  packets  per  second,  the  com¬ 
pany  says.  PrevenTier  uses  Arbor 
Network’s  Peakflow  distributed 
DoS  technology  to  model  normal 
network  behavior  and  then  search 
for  irregularities,  which  it  flags, 
reports  on  and  suggests  corrective 
action.  If  malicious  activity  is  sus¬ 
pected,  PrevenTier  routes  that  traf¬ 
fic  through  Riverhead  Networks' 
Riverhead  Guard,  which  uses  a 
multi-verification  process  to  ensure 
that  legitimate  traffic  continues  to 
be  delivered.  PrevenTier  starts  at 
$350  per  server,  however  the  per- 
server  price  decreases  as  more 
servers  are  added. 


nounced  a  special  introductory  offer  for  its 
Managed  Spam  Filtering  service  that 
waives  set-up  charges  and  discounts  the 
service  25%  for  customers  who  sign  one- 
year  contracts.  John  Whiteside,  director  of 
product  marketing  for  NaviSite’s  messaging 
services,  says  pricing  for  the  service  varies 
but  typically  includes  a  $250  set-up  fee  and 
“a  couple  of  dollars  per  mailbox  per 
month.” 

Postini’s  technology 
analyzes  IP  addresses 
and  all  text  and  HTML 
parts  of  a  message 
against  “heuristics-based 
expressions”  in  real  time 
to  weed  out  spam.  End 
users  can  modify  the  fil¬ 
ters  to  ensure  that  legiti¬ 
mate  e-mail  doesn’t  get 
blocked. 

While  dozens  of  com¬ 
panies,  such  as  NetlQ, 

Symantec  and  Tumble¬ 
weed  Communications, 
offer  anti-spam  products, 
only  a  handful,  including 
FrontBridge  Technologies  and  Fbstini,  offer 
spam  filtering  as  a  hosted  service.  Both 
companies  let  customers  set  filtering  con¬ 
trols,  but  Masha  Khmartseva,  a  senior  ana¬ 
lyst  at  Radicati  Group,  says  Fbstini  lets  end 
users  set  up  their  own  profiles,  rather  than 
requiring  a  mail  administrator  or  autho¬ 
rized  user  do  it. 

The  benefit  of  a  hosted  service,  analysts 
say  is  that  companies  don’t  have  to  deal 
with  deploying,  managing  and  updating 
the  software.  In  addition,  companies  can 
save  money  on  bandwidth  because  mes¬ 
sages  are  scanned  in  remote  data  centers 
so  inappropriate  messages  never  enter  cus¬ 
tomer  networks. 

“There  is  no  question  in  my  mind  that 
we’re  saving  monejf  says  Knapp,  who  says 
his  200  unwelcome  e-mails  per  day  have 
been  whittled  to  about  a  dozen.“I  expect  to 
save  money  on  the  amount  of  bandwidth 
that  we’re  not  paying  for,  because  that’s  how 
we  pay  for  our  mail  hosting.  The  more  stuff 
we  move  back  and  forth,  the  more  we  pay 
so  by  eliminating  it  from  ever  coming  here, 
we’re  cutting  down  the  cost  of  our  service.” 

To  help  companies  determine  the  finan¬ 
cial  effect  that  spam  is  having  on  their  bot¬ 
tom  line,  NaviSite  has  set  up  a  spam  cost 
estimator  on  its  Web  site.  ■ 


■  BY  BOB  BROWN 

Last  December,  after  signing  on  with  a 
spam-filtering  service,  national  law  firm 
Gray  Cary  had  about  47%  of  its  661,000 
incoming  messages  blocked.  Last  month, 
the  firm  saw  about  65%  of  its  1.1  million 
messages  banned  from  arriving  in  end 
users’  mailboxes. 

With  spam  volumes 
showing  no  signs  of 
falling,  Gray  Cary  has  had 
no  choice  but  to  have  a 
solid  anti-spam  system  in 
place,  says  CTO  Don 
Jaycox. 

“We  pretty  much  used 
to  hear  constant  com¬ 
plaints,  but  now  I  just 
don’t  hear  them,” he  says. 

Gray  Cary’s  anti-spam 
needs  are  being  met  by 
FrontBridge  Technolo¬ 
gies,  a  provider  of  mes¬ 
saging  security  services 
that  last  week  announ¬ 
ced  it  has  raised  $8  mil¬ 
lion  in  venture  funding. 

While  rampant  spam,  in  addition  to  pro¬ 
liferating  viruses,  have  made  e-mail  man¬ 
agement  a  huge  challenge  for  many  com¬ 
panies,  the  onslaught  has  been  a  bonanza 
for  vendors.  Kirk  Walden,  national  director 
of  venture  capital  research  at  Pricewater- 
houseCoopers,  says  nearly  $125  million 
has  been  invested  in  e-mail  management 
companies  over  the  past  year  and  a  half, 
with  many  targeting  the  spam  problem. 

FrontBridge  received  its  latest  investment 
from  BA  Venture  Partners  and  Sierra  Ven¬ 
tures, and  now  has  compiled  $18  million  in 
funding  over  three  rounds.  The  company 
started  up  in  1999  and  began  offering  ser¬ 
vices  two  years  ago.  FrontBridge  says  it  has 
roughly  700  paying  customers  (the  service 
costs  about  $18  per  user)  with  anywhere 
from  100  to  100,000  seats. 

The  company  plans  to  use  the  funds  to 
expand  its  sales  team  and  network  of  data 
centers.  The  data  centers  —  FrontBridge 
has  seven  in  the  U.S. —  intercept  e-mail  on 
its  way  into  customer  networks  and  ensure 
it’s  legitimate  (and  virus-free,  if  the  cus¬ 
tomer  chooses  to  use  the  vendor’s  anti-virus 
service)  before  forwarding  it.  New  data  cen¬ 
ters  are  slotted  for  London  and  Singapore. 

FrontBridge  uses  a  variety  of  techniques 


to  filter  out  spam.  These  include  a  propri¬ 
etary  blacklist,  rules-based  scoring  and  a 
“fingerprinting”  technique  that  lets  the  com¬ 
pany  identify  spam  based  on  mail  filtered 
among  its  entire  customer  base.  Customers 
can  use  console  software  to  examine  their 
spam  situation  and  review  reports. 

The  company  says  only  one  in  250,000 
legitimate  messages  is  filtered  out  mis¬ 
takenly  as  spam. That’s  a  good  thing,  Jaycox 
says,  because  the  law  firm  can’t  afford  to 
have  its  dealings  with  clients  compromised. 

“I  had  a  big  fear  of  false  positives,”  he  says. 
“The  legal  business  has  shifted  dramatically 
over  the  last  five  years  where  a  lot  of  busi¬ 
ness  is  done  through  e-mail.” 

Industry  watchers  say  that  given  all  the 
vendors  in  the  market,  anti-spam  services 
and  products  could  quickly  become  com¬ 
modities. 

Companies  such  as  FrontBridge  that  have 
branched  out  into  anti-virus  and  disaster- 
recovery  services  have  the  best  chances  of 
sticking  around,  says  Dan  Keldsen,  senior 
analyst  and  director  of  IS  at  Delphi  Group, 
a  consulting  firm  that  has  been  using 
FrontBridge’s  service  for  about  10  months. 

“People  are  all  over  the  place  in  what 
they’re  using  to  fight  spam,  since  there  are 
so  many  choices,”  he  says.  ■ 


PROFILE:  FRONTBRIDGE 
TECHNOLOGIES 

Location:  Marina  Del  Rey,  Calif. 

Founded:  1999 

Primary  business:  Secure 
messaging  services. 

Management:  President  and  CEO 
Steve  Jillings,  formerly  executive  vice 
president  of  IT  services  company 
Voyus;  CTO  Charles  McColgan, 
former  vice  president  of  technology 
for  Paramount  Digital  Entertainment. 

Funding:  $18  million  over  three 
rounds;  investors  include  BA  Venture 
Partners  and  Sierra  Ventures. 

Financing:  Privately  held;  anticipates 
reaching  profitability  in  2004. 

Fun  fact:  Changed  its  name  from  Big 
Fish  Communications  in  January.The 
new  name  refers  to  the  company's 
efforts  to  be  a  '‘front  line  of  defense” 
and  a  “protective  bridge  for  e-mail." 

Costly  problem 

The  Radicati  Group 
estimates  that 
protecting  user 
mailboxes  from  spam 
costs  companies  about 

$49 

per  mailbox  per  year  and 
could  grow  to  S257  per 
mailbox  by  2007. 
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Last  year,  Dell  sold  more  Linux  servers  in  the  U.S.  than  any  other  server  vendor!  And  here’s 

one  reason  why.  In  a  recent  Dell  test,  a  Dell/Oracle®  9//Linux  solution  running  an  Intel®  Xeon“ 
processor-based  Dell  PowerEdge”  6650  4P  server  was  89%  faster  and  56%  less  expensive  than  a 
Sun  Fire  V480  4P  server  running  an  Oracle  9//Sun  Solaris  solution.2  To  see  complete  test  results,  go 
to  www.dell.com/migration16. 


There’s  little,  if  any,  debate:  Migrating  from  UNIX  to  a  standards-based  solution  lowers  cost  and 
increases  flexibility.  Dell  gives  you  both  mind-bending  performance  and  unparalleled  expertise,  all 
at  a  great  value.  And  the  entire  solution  is  backed  by  enterprise  level  24/7  service  and  support. 


The  migration  is  on.  Find  out  how  you  can  make  the  most  of  it  for  your  organization.  Call 
1-866-871-9882  or  go  to  the  Dell  UNIX  Migration  online  calculator 
at  www.dell.com/migration16  to  see  how  a  Dell  solution  can  lower 
your  migration  costs  and  help  simplify  the  transition. 


Leading  enterprise  solutions.  Easy  as 
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Click  www.dell.com/migration16  Call  1-866-871-9882 

toll  free 
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Sun  V480  serve'  with  'od*  90U  MH/  UltraSPARC  ill  processors  Solans  9  (12/02  version)  3  Year  Gold  Support  Price  $44  646  Iwwwsun  com.  7/1/03)  For  details  and  results,  see  www  dell  com/migration 

Intel  the  Intel  logo  and  Intel  Xeon  die  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  Dell,  the  Dell  logo  and  PowerEdge  are  registered  trademarks  of  the  Dell  Computer  Corporation.  (£>2003  Dell  Computer  Corporation.  All  rights  reserved 


www.nwfusion.com 

Service  Providers 

8/25/03 

NetworkWorld 

39 

EYE  ON  THE 
CARRIERS 

Johna  Till 
Johnson 


It’s  the  dog  days  of  summer:  hot,  humid 
and  beset  with  the  occasional  multi¬ 
state  power  outage.While  the  rest  of  the 
world  is  off  at  the  beach  or  teeing  up  on 
the  course,  many  telecom  managers  are 
hard  at  work  negotiating  next  years  tele¬ 
phone  company  contracts. 

Herewith, some  ways  to  ensure  those  con¬ 
tracts  are  more  resilient  than  our  national 
energy  infrastructure.The  best  protection  is 
to  craft  clauses  that  let  a  company  termi¬ 
nate  the  contract  without  being  assessed  a 
fee,  under  as  many  circumstances  as  possi¬ 
ble.  Why?  Because  such  “sanity  clauses”  are 
the  only  way  to  ensure  that  your  company 
will  get  the  telco’s  undivided  attention. 
Usually  a  service  provider  will  notice  if  it’s 
about  to  lose  millions  of  dollars  in  revenue 
per  year.  (If  nothing  else,  that’s  a  healthy 
chunk  of  an  account  reps  commission.) 
Most  telcos  don’t  want  to  offer  these 


Sanity  clauses  for  contracts 


kinds  of  outs.  If  anything,  they’d  prefer  to 
provide  refund  credits  worth  a  few  thou¬ 
sand  dollars.  Unfortunately,  these  aren’t 
substantive  enough  to  force  a  telco  to 
make  major  operational  changes.  Only  the 
threat  of  losing  customers  can  do  that. So  to 
ensure  the  right  to  leave,  your  contract 
should  include  out  clauses  addressing  the 
following  situations: 

Chronic  or  acute  violations  of  the  service- 
level  agreement.  Most  service  providers  are 
happy  to  provide  refund  credits  if  a  cus¬ 
tomer  can  prove  the  SLA  was  violated.  But 
that’s  not  good  enough.  If  the  service  pro¬ 
vider  grossly  violates  the  SLAs  (for  exam¬ 
ple,  latency  packet  loss  or  availability  ex¬ 
ceeds  250%  of  the  agreed-upon  limits)  or 
regularly  does  so  (such  as  three  or  more 
SLA  violations  in  a  month),  you  should 
have  the  right  to  terminate  the  contract. 

Mergers,  acquisitions  or  divestitures.  Let’s 
face  it:Your  company  could  acquire  anoth¬ 
er  company  with  better  telco  rates.  Or  it 
could  be  bought.  And  so  could  the  service 
provider.  In  any  case,  you  should  have  the 
unilateral  right  to  terminate  the  contract — 
again,  with  no  financial  penalty 

Technology  refresh.  Let’s  say  another 


provider  offers  you  a  service  (such  as 
Secure  Sockets  Layer-based  VPNs)  that 
you’d  like  to  have.  And  lets  say  your  current 
provider  doesn’t  offer  this  service.  You 
should  provide  them  the  option  to  offer 
this  service  within  a  reasonable  time  (say 
90  days)  or  have  the  right  to  switch  to  a 
provider  that  meets  your  needs. 

Chronic  billing  errors.  Most  telcos  don’t 
have  the  infrastructure  in  place  to  offer 
timely  accurate  bills.That’s  their  problem.  If 
they  try  to  saddle  you  with  the  additional 
costs  of  ensuring  billing  accuracy  you 
should  have  the  right  to  walk.  Either  the 
telco  should  fix  its  billing  support  system  or 
cut  you  some  slack. 

As  noted,  most  telcos  won’t  like  these 
contracts.  Too  bad.  Your  business  is  what 
keeps  them  in  business  —  so  either  they 
should  sign  up  or  expect  to  lose  your  busi¬ 
ness  to  someone  who’s  willing  to  negoti¬ 
ate.  Now  that  that’s  settled. . .  see  you  at  the 
beach! 

Johnson  is  president  and  chief  research 
officer  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.  com. 


Visit  www.dell.com/migrationl6  and 
go  to  the  Dell  UNIX  Migration  online 
calculator  for  a  free  migration 
assessment.  Dell  offers  a  host  of 
end-to-end  migration  services, 
including  those  for  Oracle®  9/.  Call 


Router  sales  signal  carrier  activity 

Research  firms  say  IP  services  are  driving  demand  for  equipment. 


Chasing  Cisco 


Cisco  continues  to  lead  in  worldwide  market  share  for  service  provider 
router  revenue  and  shipments. 


Q2  revenue 


Redback 

Other 


SOURCE:  GARTNER 


Q2  shipments 


Total  shipments:  3,136  units 


■  BY  JIM  DUFFY 

Two  new  reports  show  that  the  market  for 
high-end  routers  has  renewed  life  —  per¬ 
haps  a  sign  that  carriers  are  finally  starting 
to  reinvest  in  their  network  infrastructures. 

The  worldwide  high-end  router  market 
grew  between  6%  and  10%  in  the  second 
quarter,  according  to  separate  data  com¬ 
piled  by  market  research  firms  Gartner 
and  Dell’Oro  Group. 

Gartner  says  the  second  quarter  marks 
the  first  quarter  of  growth  in  this  market 
since  declines  began  a  year  ago,  which  fol¬ 
lowed  massive  capital  expenditure  cutting 
by  service  providers. 

The  new  numbers  might  be  “an  early  sig¬ 
nal”  that  the  market  is  poised  for  a  recovery 
next  year,  says  Gartner  analyst  Jennifer 
Liscom.“Both  Cisco  and  Juniper  reported 
that  service  providers  are  starting  to  buy 
again,” she  says. 

The  worldwide  service  provider  router 
market  —  which  Gartner  defines  as  any 
carrier-class  multigigabit  system  for  core  or 
edge  duty  —  totaled  $455.4  million  in  the 
second  quartern  6%  increase  from  the  first 
quarter,  according  to  the  firm. 

Gartner  found  Cisco  to  continue  its 
leadership  in  the  worldwide  service 
provider  router  market,  claiming  54.6%  of 
revenue  and  52.9%  of  shipments,  followed 
most  closely  by  Juniper  in  both  cate¬ 
gories  (see  graphic). 

Nortel  boosted  its  revenue  almost  80%  in 
the  second  quarter  with  large  shipments 
to  China,  and  displaced  Redback 


Networks  as  the  No.  3  supplier.  Redback 
had  an  “unusually  weak”  quarter  while 
undergoing  a  financial  restructuring, 
Gartner  says. 

Liscom  says  she  expects  growth  to  con¬ 
tinue  for  the  next  few  quarters  as  carriers 
continue  their  IP  network  buildouts  to 
meet  and  stoke  demand  among  businesses 
for  VPN  services. 

“Things  are  starting  to  look  like  we’re 
progressing  to  this  IP  network  we’ve  been 
talking  about  for  so  long,”  she  says. 

Dell’Oro  Group  says  worldwide  sales  of 
10G  bit/sec  systems,  used  predominantly 
in  the  IP  core,  hit  $170  million  in  the  sec¬ 
ond  quarter,  an  increase  of  10%  from  the 
first  quarter. 


But  the  overall  router  market  was  flat,  at 
$1.5  billion,  the  firm  reports. 

Router  sales  have  hovered  at  this 
level  for  five  consecutive  quarters,  with 
minimal  quarter-to-quarter  fluctuations, 
Dell’Oro  says. 

Dell’Oro  also  found  that  Cisco  retained  its 
market  leadership  in  10G  bit/sec  systems 
—  but  its  revenue  grew  only  2%,  compared 
with  No.  2  Juniper’s  23%  gain,  and  No.  3 
Avici  Systems’  32%  growth.  ■ 
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1-866-871-9882  today  to  speak  with 
a  Dell  representative.  Together,  you 
can  assess  your  individual  needs  and 
then  develop  a  cost-effective  plan  for 
UNIX  migration. 
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toll  tree 

Click  www.dell.com/migration16 
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I  AM  A  SNARLING 
PACK  OF 
DOBERMANS. 

I  AM  INTEGRATED  SECURITY.  I  HAVE  THE  POWER  TO  PROTECT  YOUR 
NETWORK  FROM  THE  INSIDE, THE  OUTSIDE  AND  FROM  EVERYWHERE  IN 
BETWEEN.  I  ALWAYS  KNOW  WHO  IS  ON  THE  GUEST  LIST  AND  HAVE  THE 
POWER  TO  DENY  THOSE  WHO  AREN'T  ON  IT.  I  SNIFF  OUT  THREATS  SO 
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THIS  IS  THE  POWER  OF  THE  NETWORK.  nOW. 


Cisco  Systems 


cisco.com/securitynow 


Shrinking  budgets.  More  applications.  Bigger  files. 


BellSouth®  Metro  Ethernet  Service.  The  solution  to 
deliver  cost-effective,  more  reliable  and  robust  transport  for  your 
growing  network.  You  won't  need  new  equipment  or  training  and 
it's  scalable.  Whether  it's  Ethernet  (10  Mbps),  Fast  Ethernet 
(100  Mbps)  or  Gigabit  Ethernet  (1,000  Mbps),  you  can  mix  speeds 
according  to  location  and  application  requirements.  You'll 
increase  your  bandwidth  at  a  lower  overall  cost.  For  a  customized 
solution  from  someone  with  four  million  miles  of  fiber  experience, 
visit  www.bellsouth.com/business/metroethernet 


The  rewards  of  visiting  our  Web  site. 

FREE  INSTALLATION* 

with  contracts  greater  than  24  months  for 
new  BellSouth®  Metro  Ethernet  Service  customers. 

www. bellsouth.com/business/metroethernet 
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INSIDE  LOOK  AT  THE 
TECHNOLOGIES  AND  STANDARDS 
SHAPING  YOUR  NETWORK 


SATA  reduces  storage  costs 

Interface  technology  for  connecting  storage  devices  to  client  apps  promises  increased  performance. 


■  BY  SCOTT  CLELAND 

Serial  Advanced  Technology  Attach¬ 
ment  is  an  emerging  standard  electronic 
interface  technology.  SATA  promises  to 
exceed  its  predecessor,  Parallel  ATA,  by 
delivering  better  performance  at  a  frac¬ 
tion  of  the  cost  of  traditional  storage 
technology  such  as  SCSI  or  Fibre 
Channel. 

As  the  name  suggests,  SATA  is  simply  a 
serial  link  or  interface  standard  used  to 
control  and  transfer  data  and  informa¬ 
tion  from  a  server  or  storage  appliance  to 
a  client  application.  SATA  is  used  to  con¬ 
nect  storage  devices  such  as  hard  disk 
drives  to  motherboards  and  can  increase 
system  performance,  improve  efficiency 
and  reduce  development  costs  greatly. 

Parallels  and  differences 

To  understand  the  benefits  of  SATA,  a 
closer  examination  of  Parallel  ATA  is 
required.  Parallel  ATA,  a  hard  disk  drive 
technology  based  on  the  Integrated  Drive 
Electronics  (IDE)  interface  standard,  is 
used  for  the  transfer  and  communication 
of  data  between  a  computer  mother- 


Got  great  ideas 


■  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If  you 
want  to  contribute  a  primer  on  a  spe¬ 
cific  technology,  standard  or  protocol, 
contact  Amy  Schurr,  senior  managing 
editor,  features  (aschurr®  nww.com). 


board’s  bus  and  disk  storage  devices. 

Many  low-end  network-attached-storage 
(NAS)  devices  use  Parallel  ATA  drives 
because  of  the  cost  benefits.  Moreover, 
there  are  numerous  high-bandwidth  appli¬ 
cations  such  as  backup  and  recovery  video 
surveillance, video  manipulation  and  near¬ 
line  storage  that  use  disks  instead  of  tape. 

The  configuration  of  storage  devices 
using  SATA  is  much  simpler  than  its  prede¬ 
cessor,  thanks  to  its  sleeker  form  factor. 
SATA  uses  longer,  thinner  cables  than 
Parallel  ATA,  which  uses  bulky  fragile  and 
short  cables.  SATA  also  uses  a  seven-pin 
data  connector  as  opposed  to  the  40-pin 
found  in  Parallel  ATA. 

Bulky  cables  connected  to  disk  drives  are 
more  difficult  to  set  up,  block  airflow  and 
induce  heat,  all  of  which  affect  the  overall 
performance  and  stability  of  hardware  sys¬ 
tems.  SATAs  cables  are  much  simpler  to 
route  and  install,  and  the  compact  nature 
provides  additional  space  on  mother¬ 
boards  and  disk  drives. 

SATA  also  uses  low-voltage  differential 
signaling,  which  is  consistent  with  low 
power  and  cooling  requirements.  Signal 
voltages  have  been  lowered  from  5  volts  on 
Parallel  ATA  to  a  mere  0.7  volts  on  SATA. 
This  enables  lower  power  handling  on  a 
disk  drive  and  reduces  the  size  of  a  switch 
controller. 

The  interface  technology  uses  8B/10B 
encoding,  a  method  for  encoding  eight-bit 
data  bytes  to  10-bit  transmission  charac¬ 
ters.  Using  serial  technology  with  eight-/ 10- 
bit  encoding  improves  overall  transmission 
and  completely  bypasses  the  parallel  trans¬ 
mission  problems.  This  high-data-integrity 
scheme  provides  the  essential  embedded 


■  HOW  IT  WORKS 

SATA 

Serial  Advanced  Technology 
Attachment  is  used  to  control 
and  transfer  data  from  ser¬ 
vers  or  storage  appliances  to 
clients. 


Storage  arrays  SATA  RAID 


O  Client  sends  request  to  server  for  data. 

©  The  request  is  routed  through  the  server 
to  the  SATA  RAID  array,  where  the  data  is 
read  or  written. 

©  The  requested  data  is  processed  at  the 
server  and  sent  from  the  RAID  array  back 
to  the  client. 


timing  and  significant  data-integrity  check¬ 
ing  provisions  that  high-speed  transmis¬ 
sions  require. 

By  using  point-to-point  topology  as 
opposed  to  a  bus-based  architecture  found 
predominantly  in  Parallel  ATA  or  SCSI  tech¬ 
nologies,  SATA  can  deliver  full  bandwidth 
to  each  connected  drive,  thereby  improv¬ 
ing  overall  performance.  With  a  road  map 
consisting  of  three  generations  of  in¬ 
creased  data-transfer  rates  at  150M,  300M 
and  600M  bit/sec  device  burst  rates, SATA  is 
poised  for  10  years  of  steady  but  healthy 
growth,  according  to  the  Serial  ATA 
Working  Group.  The  new  standard  also  is 
backward-compatible,  making  it  simpler  to 
convert  from  Serial  to  Parallel  formats  and 
vice  versa, and  also  should  speed  the  adop¬ 
tion  rate  of  SATA. 

Future  deployment 

With  flexible  thin  cables,  hot-plug  con¬ 
nectors,  improved  data  reliability  and  pro¬ 
tection,  along  with  full  software  compati¬ 
bility,  SATA  will  create  huge  market  oppor¬ 
tunities  for  inexpensive  network  storage 
products.  Many  disk  drive  and  chip  manu¬ 
facturers  have  announced  products  sup¬ 
porting  SATA,  and  there  has  been  wide¬ 
spread  industry  support  through  the  Serial 
ATA  Working  Group,  comprising  more  than 
80  vendors. 

Currently,  SATA  costs  about  15%  more 
than  Parallel  ATA,  but  the  gap  is  closing  fast, 
and  SATA  is  expected  to  be  on  par  with 
today’s  Parallel  ATA  in  the  near  future. 

Cleland  is  a  technical  marketing  man¬ 
ager  for  3ware.  He  can  be  reached  at 
scleland  @3  ware,  com 


Dr.  Internet  By  Steve  Blass 

Several  of  our  Windows  computers  have  been 
acting  strange,  and  we  suspect  we've  been  com¬ 
promised  by  MSBIast  or  some  variant.  Can  you 
elaborate  on  the  root  kits  you  mentioned  last 
week  -  what  do  they  do?  And  is  the  only  fix  for 
this  attack  to  reformat  the  computer? 

One  root  kit  we  found  had  installed  an  mIRC  client 
that  was  sniffing  passwords  off  the  network  and 
sending  them  back  to  an  IRC  channel.  The  system 


was  riddled  with  copies  of  Trojans  based  on  klan- 
door  and  aristotles.  Symantec,  McAfee,  Microsoft 
and  others  have  tools  that  clean  up  a  system  with¬ 
out  reinstalling  everything,  when  starting  from 
scratch  is  not  an  option.  Look  for  and  remove  any¬ 
thing  named  msblast.exe  from  the  hard  drive  and 
from  the  registry.  Get  stinger  from  www.nai.com 
and  run  that.  Get  the  W32Blast  removal  tools  from 
www.symantec.com  and  run  that.  GetTheCleaner 
from  www.moosoft.com  and  run  that.  Install  the 


Microsoft  RPC  patch.  Install  all  your  critical 
Windows  updates.  Install  the  MS  RPC  patch 
again.  Back  up  everything.  Update  your  virus  soft¬ 
ware.  Boot  into  safe  mode,  run  a  virus  scan  and 
search  your  computer  for  new  directories  under 
system  and  system32. 

Blass  is  a  network  architect  at  Change@V/ork 
in  Houston.  He  can  be  reached  at  dr.  internet® 
changeatwork.  com. 
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Store  my  data  and  make  it  snappy 


GEARHEAD 
INSIDE  THE 
NETWORK 
MACHINE 

Mark 

Gibbs 


Last  week  we  started  a  discussion  of 
the  delights  of  the  Snap  Server  2200 
from  Snap  Appliance  and  got  a  lit¬ 
tle  sidetracked  in  a  discussion  on  RAID 
configurations. 

Anyway,  getting  the  Snap  Server  up  and 
running  was  very  simple.  Essentially  you 
just  plug  in  the  power,  plug  in  the 
10/100Base-T  connection,  power  it  up, 
and  the  server  tries  to  configure  its  TCP/IP 
service  using  DHCP  RARP  or  BOOTP 
Failing  that,  you’ll  need  to  set  up  the 
device’s  network  connections  using  the 
supplied  utility  program  called  Assist, 
which  lets  you  assign  a  fixed  IP  address  to 
the  device. 

Once  the  Snap  Server  is  running  you 
can  access  it  via  a  default  URL.  This 
leads  you  to  the  default  home  page  for 
the  server,  letting  you  log  on  and  set  up 
the  server.  At  this  point  the  Snap  Server 
also  appears  on  your  network  as  a 
server  using  Server  Message  Block  net¬ 
working  but  with  no  security  restrictions 


in  place  yet. 

After  that  you’ll  want  to  configure  the 
disk  drives.  With  the  Snap  Server  2200  you 
can  elect  to  have  two  individual  113G- 
byte  drives;  run  the  drives  in  data  protec¬ 
tion  so  the  second  disk  automatically 
backs  up  the  first  (disk  mirroring);  or  run 
the  drives  as  one  large  disk  (JBOD)  using 
disk  striping,  which  results  in  a  virtual 
drive  of  227G  bytes. 

Independent  drives 

Drew  Meyer,  the  product  manager  at 
Snap,  wrote  to  me  after  last  week’s  col¬ 
umn  to  note  that,uSnapOS  [Snap’s  appli¬ 
ance  operating  system  based  on  Free 
BSD]  is  able  to  handle  the  drives  as  two 
independent  hardware  devices,  so  the 
data  is  actually  physically  separate.  In 
our  experience,  few  folks  actually  use 
this, but  we  treat  JBOD  as  a  feature.  Drive 
spanning,  or  drive  concatenation,  we 
actually  don’t  do.  If  we  are  striping,  we 
have  both  heads  writing  at  the  same 
time.” 

You  can  disable  HTTP  access  for  users 
while  administrators  continue  to  have 
access  to  the  Web  interface.  If  you  let 
users  access  via  the  Web  interface,  they 
can  browse  whatever  subdirectories 
and  files  are  allowed  by  their  security 


settings. 

Along  with  Microsoft  networking,  the 
Snap  Server  supports  Novell,  Apple,  Unix 
(NFS)  and  FTP  networks.  It  also  allows 
SNMP-based  management,  which  you 
can  set  to  be  read/write  or  read  only 

Through  the  Web  interface  you  set  up 
and  manage  users  and  groups  and  net¬ 
work  shares.  Note  that  you  control  access 
to  disk  subdirectories  by  user  accounts 
but  not  by  the  type  of  network  share  —  in 
other  words  when  you  define  a  share  it  is 
accessible  through  all  enabled  network¬ 
sharing  protocols. 

The  Snap  Server  provides  access  con¬ 
trol  not  only  to  subdirectories  but  also 
to  files,  and  you  can  set  disk  quotas  on  a 
per-user  basis.  We  had  trouble  with  this 
feature  running  in  mirrored-disk  mode 
—  we  enabled  quotas  but  when  we 
went  back  to  the  quota  set-up  screen  the 
feature  had  apparently  not  been  set. 
Assuming  the  device  might  need 
rebooting  we  told  it  to  restart  (a  “soft” 
restart),  which  it  did  but  then  the  server 
disappeared  from  the  network. 

After  the  server  sat  for  15  minutes  with 
the  drive  light  solidly  on  but  no  Web  inter¬ 
face  enabled, we  assumed  it  had  locked  up 
so  we  hit  the  power  switch  and  restarted  it. 
This  time  the  Web  interface  came  up  but 


the  drive  was  shown  as  “unavailable."  We 
checked  the  disk-status  page  and  the 
server  log,  but  there  was  no  information 
as  to  why  the  disk  was  unavailable.  It 
eventually  became  available,  and  after 
talking  to  the  chaps  at  Snap  we  deter¬ 
mined  that  the  server  had  been  running  a 
disk  check  both  after  we  first  did  the  soft 
restart  and  then  when  we  did  the  power¬ 
down  restart. 

One  shortfall 

The  lack  of  accurate  disk-status  report¬ 
ing  is  the  only  weakness  we  identified  in 
this  product,  and  the  fact  that  after  the 
“soft”  restart  the  Web  server  didn’t  start 
looks  like  a  bug. 

However,  since  then  the  server  has  per¬ 
formed  very  well,  rivaling  our  Linux  serv¬ 
er’s  Samba  server  performance.  The  bot¬ 
tom  line  is  that  the  Snap  Server  2200 
($1,500  retail)  is,  our  problems  not  with¬ 
standing,  a  good  workgroup-level  storage 
appliance.  It  is  very  easy  to  configure,  fast, 
has  all  of  the  services  you  are  likely  to 
need  and  has  a  good  management  inter¬ 
face.  We’ll  let  you  know  next  week  what 
we  find  out  about  the  bug. 

Support  your  thoughts  at  gearhead 
@gibbs.com. 


CoolToo 

Quick  takes 
on  high-tech  toys 

By  Keith  Shaw 


We’re  all  about  juxtaposition  here  at  the  Testing 
Zone,  so  we  present  two  reviews  of  a  miniature 
mouse  and  a  larger  keyboard  that  can  improve 
comfort  when  typing. 


lOGear's  tiny 
and  extremely 
light  USB 
Optical  Mini 
Mouse  800  is 
perfect  for 
mobile  users. 


Tiny  mouse  impresses 

When  it  comes  to  portable  miniature  mice  for  travel, I’ve 
always  felt  the  smaller,  the  better.  Several  companies  have 
come  out  with  slightly  smaller  versions  of  their  regular 
mouse,  but  they've  still  been  a  bit  big  and  bulky  to  throw 
into  a  laptop  bag  and  carry  on  trips. 

So  I  was  happy  to  receive  the  IOGear  USB  Optical  Mini 
Mouse  800  (Model  GME222,$30).lt  is  extremely  light  and 
tiny,  perfect  for  the  mobile  user.  I  have  smaller  hands,  so 
having  a  smaller  mouse  is  preferred  (big-handed  readers 
might  tind  themselves  too  cramped  with  a  miniature 
mouse). The  Mini  Mouse  also  has  a  scroll  wheel,  which 
adds  to  the  functionality.  1  never  realized  how  much  I  use 
the  scroll  wheel  on  a  regular  mouse  until  1  noticed  myself 
using  the  wheel  on  the  Mini  Mouse. 

The  Mini  Mouse  has  adjustable  resolution  settings  —  a 


Tiny  mouse,  hidden  keyboard 


user  can  set  the  mouse  for  400, 600  or  800  dots  per  inch 
(dpi).  IOGear  says  the  800-dpi  setting  offers  twice  the 
resolution  of  a  standard  mouse,  which  would  please  Web 
designers  and  graphic  artists  who  strive  for  pinpoint  accu¬ 
racy  Trying  the  mouse  on  different  settings  didn’t  seem 
to  affect  my  mousing  ability  or  accuracy  but  I’m  not  a 
graphic  artist  or  Web  designer. 

One  downside  is  that  the  positioning  of  the  right  mouse 
button  may  be  too  close  to  the  left  button.  Several  times  I 
found  myself  trying  to  left-click  and  accidentally  hit  both 
buttons  with  my  fingers. 


A  sunken  keyboard 

We  were  intrigued  by  the  Kinesis  Advantage  Pro  USB 
keyboard.The  company’s  primary  objective  was  to  create 
a  comfortable  and  ergonomic  keyboard  that  could  pre¬ 
vent  repetitive  stress  injuries. The  large  frame  is  designed 
to  house  an  ergonomically  recessed  keyboard  and  as 
such  is  considerably  larger  than  a  standard  keyboard.The 
recessed  keys  are  designed  to  limit  the  amount  of  move¬ 
ment  a  user  makes  when  typing. 

Amateurs  beware,  however  —  it  takes  some 
time  to  get  accustomed  to  this  key¬ 
board.  But  once  you  get  accli¬ 
mated  to  the  placement  of  the 
keys  and  thumbs,  you  might  be 
pleased  with  the  comfort  and 
speed  of  your  typing  and  naviga¬ 
tion.  Even  so,  after  some  weeks  of 
testing  we  still  found  some  key¬ 
strokes  to  be  challenging. The  hard¬ 
est  thing  to  get  used  to  were  the 
redesigned  thumb  keypads,  but  with 
a  bit  of  practice  the  keyboard  was 
more  comfortable. 


In  addition  to  the  basic  keys,  the  keyboard  includes 
function  keys  (you  can  map  macros  to  them)  and  a  foot 
pedal.The  foot  pedal  let  us  strike  key  combinations  (such 
as  Alt-S,  Alt-Tab  and  CTRL-S)  with  our  foot.  Pretty  cool! 

The  keyboard  also  includes  two  USB  ports  for  adding 
devices  such  as  a  numeric  keypad,  digital  camera  or 
other  USB  device.  The  keyboard  supports  Windows, 
Macintosh  and  Linux  computers. 

The  price  of  $359  might  be  a  bit  daunting,  but  if  it  can 
prevent  or  help  those  with  repetitive  stress  injuries,  it 
might  be  worth  the  price.  It’s  not  for  everyone,  but  those 
who  want  an  advanced  keyboard  should  consider  it. 
When  buying  direct  from  Kinesis,  there  is  a  60-day  return 
policy, so  users  can  try  it  out. 


Shaw  can  be  reached  at  kshaw@nww.com.  Senior 
Network/Telecom  Engineer  Peter  Hebenstreit  contributed 
to  this  column. 


The  Kinesis  Advantage  Pro  USB  keyboard 
is  designed  to  limit  the  amount  of  move¬ 
ment  you  make  when  typing. 
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Let  Fusion  be 
your  resource 

How  do  you  keep  up  to  date  on  network  technolo¬ 
gies  and  issues?  Step  1 ,  of  course,  is  right  in  your 
hands.  But  when  you  want  to  get  up  to  speed  on  a 
specific  technology  or  topic,  chances  are  you  head  to 
the  Web. 

Over  the  past  few  months,  we’ve  been  busy  upgrading 
our  topic-specific  research  centers  on  Network  World 
Fusion  (www.nwfusion.com)  to  make  them  even  more 
useful.  Each  center  features  the  latest  breaking  news  and 
analysis  on  the  topic,  of  course.  But  you  also  can  turn  to 
them  for  enterprise-specific  tutorials  and  white  papers  — 
nearly  1,200  at  last  count  —  along  with  the  latest  down¬ 
loadable  applications  (more  than  500).  And  we’ve  built  a 
networking  encyclopedia  to  define  key  terms.  Follow  the 
links  from  the  relevant  research  centers  or  start  browsing 
our  links  area  at  DocFinder:  7338. 

Most  of  our  research-center  pages  now  have  “XML"  but¬ 
tons  that  let  you  subscribe  to  a  daily  feed  of  the  latest 
news  and  analysis  via  the  XML  subset  known  as  RSS.  We 
currently  have  60  different  RSS  feeds  (see  the  complete 
list  at  DocFinder:  7339). 

It’s  all  been  a  team  effort:  All  of  our  reporters  are  now 
responsible  for  research-center  pages  in  their  beats,  and 
they  write  a  weekly  analysis  or  point  to  an  interesting 
new  product  or  topic. 

For  example.  Senior  Editor  John  Cox  looks  at  a  spate  of 
recent  reports  on  the  wireless  market  and  concludes  that 
people  are  going  to  remain  tethered  for  a  long,  long  time: 
“The  'Wireless  Revolution’  is  still  and  will  be  forever  a 
mirage”  (DocFinder:  7340). Senior  Editor  Ellen  Messmer, 
meanwhile,  recently  wrote  what  you  could  learn  from  a 
critical  review  of  a  large  federal  e-commerce  effort 
(DocFinder:  7341). 

When  you  get  right  down  to  it,  though,  who  knows  net¬ 
works  better  than  you  and  your  peers?  That’s  why  we’re 
also  making  our  resources  interactive.  When  Senior 
Editor  Deni  Connor  noticed  there  aren’t  that  many 
places  for  storage  professionals  to  discuss  their  issues, 
she  set  up  a  storage  community  forum  (DocFinder:  7342) 
—  where  users  now  are  discussing  the  pros  and  cons  of 
intelligent  Fibre  Channel  switches  (this  is  in  addition  to 
our  existing  forums,  on  topics  from  VPNs  to  the  future  of 
NetWare). 

And  starting  this  week,  you  can  let  your  peers  know 
what  you  think  of  all  those  resources  we’ve  listed  — 
each  now  has  a  “review”  button  that  lets  you  post  com¬ 
ments  for  your  peers  to  read,  and  for  you  to  read  what 

others  have  to  say. 

Take  a  look,  and  let  us  know  what  you  think. 

—  Adam  Gaffin 
Executive  Editor,  Online 
agaffin  @nww.  com 


AT&T  clarifies 

The  editorial  “MCI:  The  second  100  days”  (www. 
nwfusion.com,  DocFinder:  7322)  and  Johna  Till 
Johnson’s  column  in  the  same  issue,  “Latest  MCI 
‘scandal’  isn’t  what  it  appears  to  be”  (DocFinder: 
7323)  both  contain  erroneous  assertions  about 
AT&T’s  objections  to  the  plan  of  reorganization  in 
the  WorldCom  bankruptcy  case. 

AT&T  has  never  called  for  liquidation  of  MCI/ 
WorldCom.  Instead,  we’d  prefer  to  compete  with  the 
firm  on  a  level  playing  field  rather  than  have  to  fight 
uphill  against  pricing  disparities  concocted  as  part 
of  numerous  fraudulent  schemes. 

And  to  clear  up  another  misperception:  AT&T  filed 
when  we  did  to  protect  the  interests  of  our  share- 
owners  who  have  been  victimized  in  the  Canadian 
Gateway  fraud.  If  we  hadn’t  met  the  court’s  deadline 
to  object,  a  short  time  after  authorities  alerted  us  to 
the  scam,  AT&T  shareowners  would  have  been 
handicapped  in  seeking  to  recover  damages.  AT&T 
seeks  to  ensure  that  MCI’s  proposed  plan  of  reorga¬ 
nization  does  not  preclude  AT&T  from  pursuing  its 
claims  for  damages  resulting  from  the  Canadian 
Gateway  fraud  in  a  court  of  AT&T’s  choosing. 

Jim  Byrnes 
Vice  president,  public  relations 
AT&T  Business 
Bedminster,  N.J. 

Ships  passing  in  the  night 

The  huge  layoffs  in  telecommunications  have  pro¬ 
duced  a  strange  situation  for  senior  data  communi¬ 
cations  and  telecom  workers.  Senior  jobs  in  the  net¬ 
work  and  telecom  sector  have  all  but  vanished  from 
the  Internet  we  created.  As  one  of  these  workers,  I 
am  trying  to  survive  on  a  contract  job  in  another 

E-mail  tetters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief,  Network  World,  II 8  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


field, hoping  the  economy  will  turn  around  and  tele¬ 
com  will  start  hiring  again.  But  the  longer  you  stay 
away  from  the  network  and  telecom  sector,  the  more 
chance  human  resources  will  skip  over  your  resume 
for  workers  with  up-to-date  experience. 

Like  ships  passing  in  the  night,  laid-off  network/ 
telecom  workers  are  going  in  one  direction  and 
employers  are  going  in  another. This  twist  of  fate  will 
cost  our  industry  much  of  the  creativity  and  energy 
that  captivated  the  economy  for  a  decade. 

Terry  Gross 
Atlanta 

Day  of  the  jackals 

Mark  Gibbs’  Backspin  column  “The  jackals  of  IT’ 
(DocFinder:  7324)  misses  the  point.  Why  should  IBM 
buy  out  SCO?  It’s  much  better  to  let  those  SOBs  die 
swinging  in  the  breeze,  hoping  someone  buys  into 
their  junk  and  pays  them  off.  IBM’s  strategy  of  letting 
them  die  of  starvation  is  much  more  satisfying.  It’s 
payback  for  all  of  us  who  had  to  work  with  SCO  and 
its  copyrighted,  non-performing  products. 

Ray  Williams 
Catlett.Va. 

My  only  complaint  with  Gibbs’  column  “The  jackals 
of  IT’concerns  the  jackal  analogy.In  the  wild, jackals 
provide  a  necessary  (albeit  violent)  element  in  the 
food  chain.  SCO  seems  more  like  a  pathetic  parasite 
attempting  to  somehow  squeeze  revenue  out  of  a 
market  in  which  it  can  no  longer  compete. 

George  Nezlek 
Chicago 

Think  Microsoft  has  a  monopoly  now?  Just  imagine 
how  strong  it  would  become  without  the  threat  of 
Linux.  If  the  jackals  win,  we'll  be  stuck  in  the  propri¬ 
etary  Dark  Ages  rather  than  transitioning  to  the  Age 
of  Open  Source  Enlightenment. 

Kurt  Buff 
Redmond, Wash. 
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DEMO  INSIGHT 

Chris  Shipley 


Mobility  changes  everything 


[ 


l  he  mobile  and  wireless  marketplace  is 
growing  rapidly.  As  technologists,  we 
have  become  so  enraptured  with  low- 
cost  calling  plans,  new  devices  and  a  blan¬ 
ket  of  Wi-Fi  that  we  risk  missing  the  forest  full 
of  change  because  we ’re  so  enamored  by 
the  saplings  of  emerging  technology. 
Demomobile  2003,  to  be  held  Sept.  17-19  in 
LaJolla,  Calif.,  seeks  to  remedy  this  by  spot¬ 
lighting  significant  products  and  trends  affect¬ 
ing  the  mobile  and  wireless  market. 

The  rapid  adoption  of  mobile  technology 
by  individuals,  combined  with  the  subse¬ 
quent  opening  up  of  enterprise  networks  and 
the  onslaught  of  broadband  to  the  home,  is  having  subtle  but  pro¬ 
found  effects  on  business  and  culture.  As  the  personal  computing 
business  transforms  into  a  device  computing  business,  the  node  at 
the  end  of  the  network  is  no  longer  a  computer;  it’s  a  person. 
Individuals  are  adopting  device  technology  for  themselves  or  driving 
the  adoption  of  technology  inside  their  organizations. 

The  beleaguered  IT  executive  must  decide  whether  to  fling  wide 
the  arms  of  acceptance  and  manage  the  chaos  as  best  as  possible,  or 
slam  shut  figurative  doors  to  the  server  room  and  throw  up  a  protec¬ 
tive  wall  of  policy  and  process  to  curb  renegade  end  users.  Neither 
option  is  comfortable,  but  ultimately  an  open  policy  will  win  out.Yet 
between  now  and  then,  IT  executives  must  rethink  network  access, 
security  configurations  and  —  more  importantly  —  their  role  as 


On  the  road  with 

SEMINARS  EVENTS 


infrastructure  provider  in  a  vastly  outsourced  organizational  model. 

The  situation  isn’t  much  better  for  the  individual,  who  also  is 
undergoing  a  gradual  and  profound  change  in  large  measure 
because  of  the  adoption  of  mobile  communications  and  data  tech¬ 
nology.  Always-connected,  always-on  devices  fundamentally 
change  the  way  people  interact  with  the  network,  companies  that 
support  it  and  one  another.  The  lines  between  business  and  per¬ 
sonal  uses  intermingle.  And  increasingly,  it’s 
not  the  device  or  the  network  that  is  always 
on  —  it’s  the  individual  who  can  never 
quite  turn  off  and  tune  out  the  din  of  work 
and  play. 

Whether  you  think  of  yourself  as  the  IT 
executive  who  must  anticipate  and  respond 
to  changing  requirements  or  the  always-on  individual  for  whom 
being  connected  is  a  way  of  life,  Demomobile  is  the  platform  to 
explore  this  phenomenon  and  other  important  trends  —  and  do  so 
in  the  context  of  the  new  products,  services  and  technologies  that 
will  shape  the  outcome  of  this  discussion.  About  35  products  will 
make  their  debut  at  Demomobile. 

Additionally,  an  array  of  top  thinkers  from  major  IT  suppliers  will 
share  their  visions  of  the  unfolding  mobile  and  wireless  market¬ 
place.  To  learn  more  about  the  conference,  go  to  www.idgef.com/ 
demomobile. 

Shipley  is  executive  producer  of  The  Demo  Conferences  and  a  vet¬ 
eran  technology  watcher.  She  can  be  reached  at  chris@demo.com. 
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OH  SECURITY 

Winn  Schwartau 

There  are  no  rules  at  DefCon, the  world’s 
largest  computer  hacker  convention. 
Earlier  this  month,  about  5,000  folks  — 
including  network  and  security  folks  of  every 
ilk  —  attended  the  show,  held  annually  at  the 
Alexis-Park  Hotel  in  Las  Vegas. 

Between  the  conference’s  “vendor  area”  and 
“hacking  zone”  were  a  few  dozen  round  banquet  tables,  loaded  with 
innumerable  laptops, monitors, routers, cabling  —  and  at  least  23  anten¬ 
nas.  Cheating  is  allowed  at  DefCon.  In  fact,  it’s  expected. 

I’ve  hosted  Hacker  Jeopardy  for  10  years,  and  part  of  the  ritual  is  to 
catch  people  cheating,  getting  remote  help  from  the  audience  or  a  dis¬ 
tant  room  with  wireless  earphones.  One  year  they  tried  to  hack  the 
answers  out  of  my  computer. Then  they  tried  to  download  the  memory 
files  from  the  hotel  computer  that  1  had  used  to  make  hard  copy  print¬ 
outs.  It  was  all  in  good  fun  —  with  reasonable  paranoia. 

The  lack  of  rules  at  DefCon  includes  massive  violations  of  dozens  of 
federal  felonies:  password  theft,  telecom  interception,  system  penetra¬ 
tion.  If  you  go  to  DefCon, caveat  emptorYour  mere  presence  makes  you 
a  target  —  all  in  good  fun. The  last  thing  you  want  is  to  see  your  name 
and  passwords  projected  onto  “The  Wall  of  Shame.” 

So  there  you  are,  a  fine  upstanding  corporate  network  type  and  you 
need  to  get  a  bit  of  work  done. What  do  you  do?  Use  the  free  high-band¬ 
width  802.11  wireless  networks,  right?  Think  again:  Those  23  antennas 
are  sniffing  and  air-snorting  every  digital  broadcast  stream  for  hun¬ 
dreds  of  yards.That’s  a  real  easy  way  to  end  up  on  the  Wall  of  Shame. 

You  could  elect  to  use  the  hard-wired  LAN  DefCon  offers  instead.  But 
what  dangers  lurk?  Is  the  DefCon  system  administrator  storing  traffic  for 
later  analysis?  Will  your  communications  become  part  of  DefCon  his¬ 
tory  and  a  question  in  next  year’s  Hacker  Jeopardy?  Maybe,  if  you  use 
the  supplied  network. 

You  could  use  your  hotel  room  dial-up.  It’s  slow,  but  it’s  secure,  right? 
DefCon  is  a  hacker  convention.  In  past  hacker  conventions,  attendees 


DefCon:  All  in  good  fun 


have  completely  taken  over  the  hotel  phone  systems. Yes,  DefCon  and 
the  Alexis-Park  Hotel  have  a  strong  detente  in  place,  but  1  wouldn’t 
advise  using  the  hotel’s  telephone  company  networks  for  anything 
important.There’s  a  better  than  even  chance  that  the  phones  are  com¬ 
promised,  too. 

I  found  a  method  to  communicate  securely  at  high  speed  for  free, and 
1  never  used  the  802.1 1  networks  except  for  the  most  mundane  surfing. 
Nor  did  I  need  VPNs  or  tons  of  special  gear.  What  I  used  is  part  of  my 
usual  travel  and  communications  gear.  (If  you  think  you  know  how  I 
did  it,  e-mail  me.The  first  person  with  the  correct  answer  will  get  a  free 
copy  of  my  latest  book.) 

Surviving  DefCon  requires  a  bit  of  stamina  and  knowledge,  but  there¬ 
in  is  a  tremendous  unrecognized  value  to  corporate  security  types. 
Everyone  must  be  assumed  to  be  a  bad  guy  (all  in  good  fun,  though), 
and  you  can  hack  and  break  tons  of  laws  legally 

Say  you  want  to  hone  your  wireless  security  skills.You  get  some  tools 
from  the  ’Net,  collect  your  802.11  gear  and  listen.  You  find  a  network 
connection,  identify  computers  on  it,  notice  that  many  have  file  shares 
open,  ports  unclosed,  and  in  you  go!  The  rule  at  DefCon  is  if  you’re  stu¬ 
pid  enough  to  let  someone  break  into  your  PC,  then  you  deserve  it. 

Corporate  security  personnel  can  gain  tons  of  hands-on  experience 
in  a  few  days  for  the  $75  admission  price. Set  up  network  attacks.Set  up 
honey  pots  and  invite  attacks  by  baiting  the  hackers.  It’s  all  in  good  fun. 

Anything  goes.  Learn  about  the  latest  in  attacks,  meet  the  creators  of 
the  tools  you  find  on  the  Internet  and  practice  in  a  real  environment, 
without  worrying  the  feds  are  going  to  come  breathing  down  your 
neck;  they’re  at  the  show,  too,  for  the  same  reasons. 

At  DefCon,  chaos  rules,  you’re  on  your  own,  and  you  win  or  lose  by 
your  wits.  It’s  all  in  good  fun  and  highly  educational. 


If  you  go  to 
DefCon,  caveat 
emptor:  Your 
mere  presence 
makes  you  a 
target  -  all  in 
good  fun. 


Schwartau  is  president  of  Interpact,  a  security  awareness  consulting 
firm,  and  author  of  14  books,  including  the  recent  Pearl  Harbor  Dot  Com. 
He  can  be  reached  at  winn@thesecurityawarenesscompany.com. 


Internet  security 

gjr.'V  '  "  f  ■' 

Danger  zone 


-y. - 

w¥:'' 


>  ;•  •..  .  .-y  -  ..  •  ^ 

Under  attack  11  yn  ir  fir. 

'  *yvall  or  IDS  syitom-c/HlW'lrilK.- 
:,,A-  jf^vOii^J’ t;(;  bpi  png  tor  I 
_  -tliaf^beoause  hucToMCt  Lvi 
1/  15  ooniiiiiyfrooi  alj  a’A-Mhif. 
world,  iTiijndifei^^i^yisn- ... 
-:  ;  (lay.',  '  I  //ook  rlOt  I  ll  ^IflS 

fe'  fitivoj.wsr.r1/ 1  r  ibfccj  H..U  re  •  '■ 

-  :  post  two 

Week  t/rst  | k -r»r»rJ:  ttitj  set  of  IP 
:  addnissos-wd'  mcjnitfliV-xl,  .was 
'  v  o: ''•>"!  for upon  port1,  '00,000 
t  it  nos,  A  i  id  fiockors  car  i  to 
book  lookincjTbr.  trouble  '82,000 
■  I  imos;  In  ounfest  case,  tfte'IP 


.k  "  * 

"s ' 


addresses  under  attack  wore- 
at  Tel  Aviv  University.  but  this 
could  just  as  easily  be  you. 


Internet  hack  activity  soars 
due  to  automatic  worm  attacks. 

■  BY  CHRISTINE  BURNS 
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How  dangerous  is  the  Internet  any¬ 
way?  We’ve  all  read  about  cyberterror¬ 
ists,  identity  thieves,  industrial  sabo¬ 
teurs,  credit  card  crooks,  Web  site  van¬ 
dals,  backers,  crackers  and  script  kid¬ 
dies.  But  just  bow  bad  is  it?  Who’s  out 
there?  Where  are  they  coming  from? 


And  what  do  they  want? 


Alert  overload:  Let's  say 
you're  bend  of  security  for  a 
mid  sized  ISP  and  you're 
corning  back  from  a  two  week 
vacation.  How  many  alerts  did 
you  miss?  If  you  guessed  1.7 
million,  you're  tight.  Of' course,  , 
that  suspicious  traffic  only 
amounted  1o  a  tiny  fraction  of 
the  3.3  billion  packets  flowing 
across  your  slice  of  the 
Internet  backbone.  And  when 
you  factor  out  false  positives  • 
and  simple  scanning  activity, 
you're  down  to  a  mere  800,000/ 
suspicious  alerls,  But  it  only 
'  takes  one  successfuf  attack 
to. briii';i  down  your  network. 
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To  answer  tfiese  questions,  we  took  a  snapshot  of  Internet 
activity  from  three  angles:  on  the  Internet  backbone  for  a 
look  at  raw  traffic;  directly  outside  an  enterprise  network; 
and  at  the  firewall  level  of  a  group  of  corporate  customers. 

To  see  malicious  traffic  directly  on  the  Internet  backbone, 
we  consulted  i-Trap  Internet  Security  Services  in  Cleveland. 
1-Trap  tracked  and  analyzed  a  two-week  sampling  of  surrep¬ 
titious  Internet  activity  collected  from  a  regional  ISP’s  trio  of 
Snort-based  intrusion-detection  sensors.  This  data  provides 
an  in-depth  view  of  attacks  being  thrown  at  corporate  net¬ 
works  once  the  hackers  have  completed  their  scans  and 
know  their  targets. 

We  tapped  into  an  intrusion  tracking  and  prevention  sys¬ 
tem  built  by  ForeScout  Technologies  sitting  on  the  edge  of  a 
10, 000-node  enterprise  network  serving  Israel’s  largest  uni¬ 
versity.  There  we  could  track  what  network  reconnaissance 
was  being  done  and  pinpoint  exactly  which  hackers  were 
corning  hack  to  do  damage. 

We  also  tracked  firewall  logs  for  24  corporate  customers 
on  i-Trap’s  network.(See  an  online  charting  showing  the 
most  frequently  blocked  ports  at  www.nwfusion.com, 
DocFinder,  7336.) 

What  we  found  is,  well,  in  a  word,  spooky  —  in  terms  of  the 
sheer  amount  of  potential  scans  coming  at  any  given  net¬ 
work,  the  variety  of  ways  hackers  are  looking  to  get  into 
your  network,  the  tenacity  these  hackers  show  and  the  fact 
that  these  attacks  are  coming  at  you  from  all  corners  of  the 
globe,  clay  and  night. 

Here’s  what  we  found: 

•  The  amount  of  potentially  dangerous  Internet  traffic  has 
tripled  in  some  eases  in  just  the  past  six  months. 

•  Reconnaisance  is  a  key  contributor  to  the  Internet  back¬ 
ground  noise.  Our  samples  show  that  1x4 ween  45%  and  55% 
of  suspicious  activity  is  hackers  scanning  for  targets. 

•  Most  hack  attempts  are  the  result  of  automated,  scripted 
attacks  launched  from  previously  compromised  machines. 

•  The  main  reasons  hackers  targeted  these  networks  were 
to  find  computers  they  could  use  to  relay  spam,  l<x:ate  extra 
storage  space  ior  illicit  files,  and  to  take  over  machines  that 
could  fx*  used  as  launching  |x»ints  for  future  attacks. 
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Where  are  they  coming  from? 


In  our  two-week  test  period,  we  saw  attacks  from  99  countries.  The 
highest  number  of  attacks  came  from  China,  followed  by  the  U.S. 
South  Korea,  Brazil  and  Germany.  At  the  bottom  of  the  list,  we  saw 
hacker  activity  coming  from  Togo,  Honduras,  Lebanon,  Malta  and 
Sudan.  Our  intrusion-prevention  system  could  tell  us  the  location  ol 
the  machine  sending  the  attack,  but  not  whether  it  had  been  taker 
over  by  a  hacker  located  somewhere  else.  Still,  the  results  show  that 
hack  attacks  are  coming  from  just  about  everywhere .  (See  a  complete 
country-by-country  listing  at  www.nwfusion.com,  DocFinder:  7337.) 
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How  are  they  looking  to  get  inP 


Of  the  actual  180,000  attack  events  (scanning  activity  plus  actual  break-in 
attempts)  recorded  in  our  two-week  test  period,  78%  were  directed  at  Port 
80,  which  handles  most  Web  page  transfers. 
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Between  the  early  hours  of  July  10 
and  midnight  July  23,  the  network 
supporting  Tel  Aviv  University  was 
scanned  for  open  ports  96,000  times 
and  withstood  a  barrage  of  82,000 
hackers  from  99  countries  returning 
to  those  seemingly  open  ports  to  see 
if  they  could  wreak  a  little  havoc. 


So  do  those  statistics  make  it  a  bad  couple  of  weeks 
for  university  IT  managers  working  to  keep  unwant¬ 
ed  Internet  visitors  at  bay? 

Unfortunately,  it’s  more  like  business  as  usual,  says 
Oded  Comay,  CTO  of  ForeScout  Technologies,  whose 
ActiveScout  intrusion-prevention  technology  helps 
pinpoint  attempts  and  prevent  attacks  on  this  net¬ 
work  that  consists  of  more  than  10,000  nodes,  owns 
128,000  public  IP  addresses  and  maintains  a  100M 
bit/sec  link  to  the  Internet. 

At  least  it’s  business  as  usual  these  days,  Comay 
says,  because  of  the  rise  of  highly  automated  attacks 
and  computer  worms  that  wiggle  their  way  into  cor¬ 
porate  networks  at  lightning  speeds. 

Operating  on  the  assumption  that  hackers  do 
reconnaissance  before  attacking,  the  ActiveScout 
sensor  sits  outside  the  university’s  primary  firewall 
and  watches  incoming  traffic  for  suspicious  network 
probes  and  scans.  When  it  identifies  reconnaissance 
activity,  it  feeds  the  scanner  in  question  counterfeit 


information,  such  as  false  resources,  services,  ports 
and  IP  addresses.  If  that  same  attacker  tries  to 
exploit  the  counterfeit  information,  ActiveScpuf >>  Ti 
denies  access  to  the  network.  ■  ,  • 


I  scan,  therefore  I  attack 

Except  for  a  one-day  blip  in  User  Datagram 
(UDP)  traffic,  there  was  a  96.3%  match 
scans  and  identified  attackers  or,  in  Ac 
terms,  bites.  In  other  words,  virtually  every 
followed  at  some  point  m  time  by  an  attack 
same  source. 

The  reason  is  worms.  Because1  of  their  an 
rapid  propagation  median  is  nfs.  worms  ace 
at  least  90%  of -the  attacks,  in  general,  sy 
ally  scanning  and  biting  in  sync.  If  you  tak 
geographical  offenders  in  ohr  sample.  ;, 
further  document  that  the  large-  nuhibp'r^ 
coming  out  of  China  and  the  UTS  li 
automated. 

According  to  the  ActiveScout  data.  Vhe| 


Under  attack:  H  your  f  ire: 

-■;well  or  IDS  system- could  talk, 
.if.WOufdbe  hogging  for  I 
•.  ,  That's  because  hacker  act  ivi 

ty  is  coming  from  all  over  the 
world,  round  thd-ckx^seveft, 
{jays  a  weefey  ami  it  seietins 
to  hqvejiearly  tripled  in  the 
-  '  past  six  months.  In  our  two- 
week  test  period.  the  set  of  IP 
.  addresses  we  monitored,  was 
'  scanned  for  open  i  >ort  s  fJG.OM 
t  imps.  -And  hackers  cai  i  ie 
back  looking  for  trouble  8? .OCX) 
times.  In  our  lest  case,  tt>e  IP 
addresses  under  attack  were 
at  Tel  Aviv  University,  but  this 
could  just  as  easily  be  you. 
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Alert  overload:  Let's  r  ay 
you're  head  of  security  for  a 
mid  sized  JSP  and  you're  • 
corning  back  from  a  two  week 
vacation.  How  many  alerts  did 
you  miss?  If  you  guessed  1.7 
million,  you're  right.  Of  course, 
that  suspicious  traffic  only 
amounted  to  a  tiny  traction  of 
the  3.3  billion  packets  flowing 
across  your  slice  of  the 
»  Internet  backbone.  And  when 
.  you  factor  out  false  positives 
and  sihiple  scanning  activity, 
you’re  down  to  a  mere  800,000 
,  suspicious  alerts.  But  it  only 
takes  one  successful  attack 
to  bring  down  your  network. 
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Internet  security 


Internet  hack  activity  soars 
due  to  automatic  worm  attacks. 


■  BY  CHRISTINE  BURNS 

How  dangerous  is  the  Internet  any¬ 
way?  We’ve  all  read  about  cyberterror¬ 
ists,  identity  thieves,  industrial  sabo¬ 
teurs,  credit  card  crooks, Web  site  van¬ 
dals,  hackers,  crackers  and  script  kid¬ 
dies.  But  just  how  bad  is  it?  Who’s  out 
there?  Where  are  they  coming  from? 
And  what  do  they  want? 

To  answer  these  questions,  we  took  a  snapshot  of  Internet 
activity  from  three  angles:  on  the  Internet  backbone  for  a 
look  at  raw  traffic;  directly  outside  an  enterprise  network; 
and  at  the  firewall  level  of  a  group  of  corporate  customers. 

To  see  malicious  traffic  directly  on  the  Internet  backbone, 
we  consulted  i-Trap  Internet  Security  Services  in  Cleveland. 
1-Trap  tracked  and  analyzed  a  two-week  sampling  of  surrep¬ 
titious  Internet  activity  collected  from  a  regional  ISP’s  trio  of 
Snort-based  intrusion-detection  sensors.  This  data  provides 
an  in-depth  view  of  attacks  being  thrown  at  corporate  net¬ 
works  once  the  hackers  have  completed  their  scans  and 
know  their  targets. 

We  tapped  into  an  intrusion  tracking  and  prevention  sys¬ 
tem  built  by  ForeScout  Technologies  sitting  on  the  edge  of  a 
10,000-node  enterprise  network  serving  Israel’s  largest  uni¬ 
versity.  There  we  could  track  what  network  reconnaissance 
was  being  done  and  pinpoint  exactly  which  hackers  were 
coming  back  to  do  damage. 

We  also  tracked  firewall  logs  for  24  corporate  customers 
on  i-Trap’s  network.(See  an  online  charting  showing  the 
most  frequently  blocked  ports  at  www.nwfusion.com. 
Doc  Finder:  7336.) 

What  we  found  is,  well,  in  a  word,  spooky  —  in  terms  of  the 
sheer  amount  of  potential  scans  coming  at  any  given  net¬ 
work,  the  variety  of  ways  hackers  are  looking  to  get  into 
your  network,  the  tenacity  these  hackers  show  and  the  fact 
that  these  attac  ks  are  coming  at  you  from  all  comers  of  the* 
globe,  day  and  night. 

Here’s  what  we  found: 

•  The  amount  of  potentially  dangerous  Internet  traffic  has 
tripled  in  some  cases  in  just  the  past  six  months. 

•  Reconnaisance  is  a  key  contributor  to  the  Internet  back¬ 
ground  noise.  Our  samples  show  that  I  between  45%  and  55% 
of  suspicious  activity  is  hackers  scanning  lor  targets. 

•  Most  hack  attempts  are  the  result  of  automated,  scripted 
attacks  launched  from  previously  compromised  machines. 

•  Tlie  main  reasons  hackers  targeted  these  networks  were 
to  find  computers  they  could  use  to  relay  s|jam,  locate  extra 
storage  space  for  illicit  files,  and  to  take  over  machines  that 
could  be  used  as  launching  points  for  future  attacks. 


Where  are  they  coming  from? 

In  our  two-week  test  period,  we  saw  attacks  from  99  countries.  1 
highest  number  of  attacks  came  from  China,  followed  by  the  U 
South  Korea,  Brazil  and  Germany.  At  the  bottom  of  the  list,  we  s 
hacker  activity  coming  from  Togo,  Honduras,  Lebanon,  Malta  a 
Sudan.  Our  intrusion-prevention  system  could  tell  us  the  location 
the  machine  sending  the  attack,  but  not  whether  it  had  been  tal 
over  by  a  hacker  located  somewhere  else.  Still,  the  results  show  tl 
hack  attacks  are  coming  from  just  about  everywhere .  (See  a  compli 
country-by-country  listing  at  www.nwfusion.com,  DocFinder:  7337.; 


■  5,000  or  more  attacks 

■  1,000  -  4,999  attacks 

■  500  -  999  attacks 

■  100  -  499  attacks  4 
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Automated  worms  account  for  90%  oTbagk;  activity. 


■  BY  CHRISTINE  BURNS 
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How  are  they  looking  to  get  inP 


Of  the  actual  180,000  attack  events  (scanning  activity  plus  actual  break-in 
attempts)  recorded  in  our  two-week  test  period,  78%  were  directed  at  Port 
80,  which  handles  most  Web  page  transfers. 
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Targeted  ports 


Between  the  early  hours  of  July  10 
and  midnight  July  23,  the  network 
supporting  Tel  Aviv  University  was 
scanned  for  open  ports  96,000  times 
and  withstood  a  barrage  of  82,000 
hackers  from  99  countries  returning 
to  those  seemingly  open  ports  to  see 
if  they  could  wreak  a  little  havoc. 


So  do  those  statistics  make  it  a  bad  couple  of  weeks 
for  university  IT  managers  working  to  keep  unwant¬ 
ed  Internet  visitors  at  bay? 

Unfortunately,  it’s  more  like  business  as  usual,  says 
Oded  Comay,  CTO  of  ForeScout  Technologies,  whose 
ActiveScout  intrusion-prevention  technology  helps 
pinpoint  attempts  and  prevent  attacks  on  this  net¬ 
work  that  consists  of  more  than  10,000  nodes,  owns 
128,000  public  IP  addresses  and  maintains  a  100M 
bit/sec  link  to  the  Internet. 

At  least  it’s  business  as  usual  these  days,  Comay 
says,  because  of  the  rise  of  highly  automated  attacks 
and  computer  worms  that  wiggle  their  way  into  cor¬ 


porate  networks  at  lightning  speeds. 

Operating  on  the  assumption  that  hackers  do 
reconnaissance  before  attacking,  the  ActiveScout 
sensor  sits  outside  the  university’s  primary  firewall 
and  watches  incoming  traffic  for  suspicious  network 

probes  and  scans.  When  it  identifies  reconnaissance 

,  -  .  - 

activity,  it  feeds  the  scanner  in  question  counterfeit 
information,  such  as  false  resources,  services,  ports 
and  IP  addresses.  If  that  same  attacker  tries  to 
exploit  the  counterfeit  information,  ActiveScout 
denies  access  to  the  network. 


r 


I  scan,  therefore  I  attack 

Except  for  a  one-day  blip  in  tj^fer  Datagram  Prfrtpeol  ^f  ;'; 
(UDP)  traffic,  there  was  a  96.3%  match  between 
scans  and  identified  attackers  or,  in  ActiveSebut 
terms,  bites.  In  other  words,  virtually  every  scan  was, 
followed  at  some  point  in  time  by  an  attack  from  the, 
same  source. 

The  reason  is  worms.  Because  of 


ally  scanning  and  biting  in  sync.  If  you  take:  the 
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Internet  security 


What  do  they  want? 

Most  hackers  are  looking  for  spam  relays;  others  want 
to  spread  worms  or  gain  control  of  your  computers. 


propagate  too  quickly,  and  the  time  lapse  between 
the  scan  and  the  bite  is  too  minuscule  to  have  been  com¬ 
pletely  changed  by  a  human.  Worm  activity  also  tends  to 
be  repetitive  —  they  look  for  the  same  ports  and  bite  on 
those  ports  on  a  mass  scale. 

According  to  ActiveScout  officials  who’ve  been  corre¬ 
lating  data  from  multiple  customer  installations  for  more 
than  a  year,  if  you  ignore  the  worm  activity,  you  will  see  a 
scan-to-attack  ratio  of  about  30%. This  means  that  out  of 
10  scanners,  three  will  return  and  actually  bite. 
Differentiating  the  real  hackers  from  the  folks  just  playing 
with  scripts  for  fun  goes  a  long  way  in  terms  of  your  abil¬ 
ity  to  filter  through  the  Internet  background  noise  to  find 
the  real  threats. 

Any  port  in  the  storm 

Topping  the  list  of  scanning  methods  used  against  the 
university’s  network  are  attackers  looking  for  open 
ports.  In  fact,  port-scanning  accounts  for  96%  of  all  the 
network  scans.  Next  is  the  UDP  service  scan  (3.7%  of 
scans  conducted).  Scan  types  falling  into  that  last  0.3% 
include  scans  looking  for  username  and  passwords, 
NetBIOS  Domain  logon  information  and  SNMP  man¬ 
agement  data. 

However,  it’s  important  to  note  that  the  university  goes 
to  great  lengths  to  sidestep  worm  attacks  and  huge 
amounts  of  network  traffic  facilitated  by  NetBIOS  vulner¬ 
abilities,  which  potentially  could  infect  all  Windows- 
based  machines.  The  university  asked  its  ISP  to  filter  all 
NetBIOS  traffic  before  sending  traffic  over  the  university’s 
link  so  the  relatively  low  numbers  for  NetBIOS  scans  — 
only  100  in  all  —  is  a  bit  skewed. 

To  provide  some  context  regarding  just  how  big  a  role 
NetBIOS  scans  can  play  on  a  network,  we  tapped  into  a 
second  ForeScout  node  protecting  a  midsize  virtual  com¬ 
pany  in  California  that  sports  255  public  IP  addresses  and 
a  T-l  link  to  the  Internet.  The  top  five  scans  were  in  the 
same  order  as  exhibited  in  our  Israeli  sample,  but  the  per¬ 
centages  were  more  spread  out.  Port  scans  amounted  to 
50%,  UDP  scans,  20%,  and  both  NetBIOS  and  username 
and  password  scans,  15%  each. 

Six  months  ago  on  this  node,  port  scans  and  NetBIOS 
scans  comprised  the  bulk  of  the  activity  56%  and  43%, 
respectively.  But  it’s  also  important  to  note  that  the  sheer 
number  of  scans  that  hit  this  node  grew  by  260% 
between  January  and  July. 

What  network  services  are  they  gunning  for? 

The  ActiveScout  also  tracks  the  top  services  hackers  are 
looking  to  influence  in  terms  of  the  combined  number  of 
scans  and  bites,  referred  to  as  “attack  events.” 

On  the  university’s  network,  hackers  overwhelmingly  are 
looking  to  meddle  in  the  Web  page  transfer  services  run¬ 
ning  on  the  university’s  Web  servers  across  TCP  Fbrt  80. 
Second  are  Windows-based  network  services  with  hackers 
trying  to  get  at  them  via  Fbrts  135, 139  and  445,  where  they 
can  attack  Microsoft’s  DCE  locator  service,  file  and  print  ser¬ 
vices,  and  SMB  over  TCP  transport  services,  respectively 

Other  services  of  note  are  FTP  services  running  over 
Fbrt  21  that  if  hacked  would  let  intruders  store  illegal  MP3 
tiles,  for  example; Squid  proxy  services  running  over  Fbrt 
3128  that  if  compromised  could  be  used  as  a  spam  relay; 
and  Microsoft  SQL  Servers  running  on  Fbrt  1433.  Fbrt 
1433  v,is  big  news  when  MS-SQL  Slammer  hit  in  January, 
but  1 1  cause  the  university  still  is  seeing  noticeable  scans 
hit.:  .»  'uat  port,  indications  are  that  there  are  still  SQL 
worm-  out  there  looking  —  and  likely  finding  — 
unpatched  machines  and  attacking  them. 

Rc>  A'(  /  ‘in  of  R  ireScout  Technologies  contributed  to  this 
story: 


■  BY  CHRISTINE  BURNS 

One  million,  seven  hundred  thou¬ 
sand  security  alerts  during  a  two- 
week  stretch  in  July  seems  like  a 
lot.  But  it  doesn’t  faze  John  Clarke, 
general  manager  of  i-Trap  Internet 
Security  Services. 

Clarke  and  his  team  of  security  analysts  monitor 
three  intrusion-detection  sensors  that  sit  on  the  back¬ 
bone  of  a  regional  ISP  in  Cleveland  and  weed  out  the 
serious  attacks  from  the  Internet  background  noise 
that  reaches  out  and  touches  the  network  daily. 

To  Clarke,  it’s  all  a  matter  of  perspective. 

With  a  minimum  of  3.3  billion  packets  flowing 
across  this  network  backbone  in  any  given  two-week 
period,  having  only  0.052%  of  those  packets  tagged  as 
possible  security  events  is  not  all  that  worrisome. 
However,  that  number  of  alerts  has  tripled  in  the  past 
six  months.  And  that  is  scary. 

If  you  drill  down,  of  those  1.7  million  alerts,  120,000 
are  likely  false  positives,  a  conservative  estimate 
based  on  i-Trap’s  experience. 

Another  765,000  are  alerts  that  are  triggered  by  net¬ 
work  scanning  operations,  rather  than  actual  attacks. 

That  brings  the  number  of  potentially  serious  attacks 
down  to  800,000. 

Bringing  it  down  one  more  notch,  an  average  corpo¬ 


rate  customer  with  a  midsize  network  served  by  this  ISP 
likely  would  see  32,000  security  alerts  in  any  recent  two- 
week  period. 

Thirty-two  thousand  is  certainly  better  than  1.7  mil¬ 
lion,  but  the  frightening  fact  is  that  it  takes  only  one 
dangerous  attack  to  wreak  havoc  on  your  network. 
The  point  is,  you  still  have  to  watch  these  alerted 
events  carefully  over  a  period  of  time  to  ascertain 
what’s  noise  and  what’s  noxious. 

Based  on  the  long-term  view  of  the  monitored  net¬ 
work,  we  asked  Clarke  and  his  team  to  weed  through 
our  data  set  and  pinpoint  the  top  10  red  flags.  Here 
they  are  in  order  of  volume. 

1:  Snort  alert:  Proxy  rules 

Number  of  alerts:  592,171 

Possible  malicious  intent:  Use  proxy  as  spam  relay 

Almost  all  these  are  inbound  scans.  If  an  attacker 
finds  an  open  proxy  server,  he  can  use  this  as  a  jump¬ 
ing  point  to  disguise  his  identity  and  launch  attacks 
against  other  hosts.  A  pattern  change  here  will  alert  us 
to  a  proxy  that  was  found  and  is  being  used. 

2:  Snort  alert:  MS-SQL  Worm  propagation  attempt 
OUTBOUND 

Number  of  alerts:  373,107 

Possible  malicious  intent:  Worm  propagation 

This  alerts  us  that  one  of  our  customers  has  caught  the 
MS-SQL  Slammer  Worm,  and  it  is  attempting  to  spread 
itself.  In  this  case,  one  source  address  inside  the  network 
was  responsible  for  hitting  99.9%  of  the  destination  IP 
addresses,  which  shows  that  the  worm  was  randomly 

See  Hackers,  page  52 


When  are  they  coming  after  you? 

Hackers  don’t  seem  to  take  weekends  off.  The  intrusion-  The  three  major  spikes  in  hacker 
prevention  system  at  our  test  site  (Tel  Aviv  University)  activity  recorded  on  the  regional 
was  hit  with  similar  numbers  of  both  reconnaisance  ISP’s  backbone  in  Cleveland  were  a 
(scans)  and  attacks  (bites)  every  day  of  the  week.  The  SQL  slammer  worm  on  July  16,  and 

scan  spike  on  July  22  was  because  of  hackers  looking  scans  on  July  15  and  22  looking  for 

for  vulnerable  User  Datagram  Protocol  (UDP)  services.  spam  relays. 


Period 

Scan  events 

Bite  events 

Total  events 

Period 

i-Trap  alerts 

Thursday,  July  10 

5,558 

4,994 

10,552 

Thursday,  July  10 

80,953 

Friday,  July  11 

5,312 

4,688 

10,000 

Friday,  July  11 

65,302 

Saturday,  July  12 

4,862 

4,501 

9,363 

Saturday,  July  12 

89,010 

Sunday,  July  13 

5,992 

5,658 

11,650 

Sunday,  July  13 

65,689 

Monday,  July  14 

8,043 

7,586 

15,629 

Monday,  July  14 

100,189 

Tuesday,  July  15 

7,610 

7,353 

14,963 

Tuesday,  July  15 

190,535 

Wednesday,  July  16 

7,011 

7,846 

14,857 

Wednesday,  July  16 

199,012 

Thursday,  July  17 

7,655 

8,244 

15,899 

Thursday,  July  17 

67,774 

Friday,  July  18 

6,582 

6,914 

13,496 

Friday,  July  18 

149,453 

Saturday,  July  19 

6,796 

6,009 

12,805 

Saturday,  July  19 

115,716 

Sunday,  July  20 

8,058 

6,929 

14,987 

Sunday,  July  20 

42,400 

Monday,  July  21 

8,048 

7,846 

15,894 

Monday,  July  21 

89,824 

Tuesday,  July  22 

15,145 

3,712 

18,857 

Tuesday,  July  22 

301,964 

Wednesday,  July  23 

N/A 

N/A 

N/A 

Wednesday,  July  23 

112,763 

SOURCE:  FORESCOUT  TECHNOLOGIES  SOURCE  I- T RAP  INTERNET  SECURITY  SERVICES 


Quantum  n  a  trademark  of  Quantum  m  the  Umted  States  and  other  countries  All  other 
fks  are  the  property  of  their  respective  companies  Specifications  are  subject  to  change  without 
or  more  information  call  1  866  82  7-1 S00  *  Source  infoStor  2003  TapoDisk  Backup  Survey 


YOU  COULD  PIECE  TOGETHER  YOUR  OWN 
DISK-BASED  BACKUP  SYSTEM. 


BUT  WHY  WOULD  YDU? 


The  Quantum 
DX30.  Nothing  else 
comes  close. 


Not  all  disk-based  backup  is  created  equal.  More  IT  professionals  have  chosen 
to  install  the  Quantum  DX30  solution  than  any  other  disk-based  backup  product.*  And  for 
good  reason.  The  Quantum  DX30  delivers  complete  and  hassle-free  optimized  backup  and 
restore  functionality  to  your  data  center.  It  integrates  quickly  and  seamlessly  with  your  existing  backup 
software  and  preserves  all  of  the  processes  that  you  have  built  to  ensure  that  your  company 
has  a  bulletproof  data  protection  plan. 

Optimized  for  your  backup  environment.  RAID  arrays  designed  for  general-purpose 
storage  applications  simply  are  not  designed  to  work  with  the  tape  functionality  of  backup 

software  packages  and  require  tuning  and  management  nearly 
identical  to  that  of  your  primary  storage.  You  certainly  could  use  an  off-the-shelf 
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and  restore. 

S' 

□ 

□ 

□ 
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3.  Requires  zero  disk  tuning  to  achieve  and 
maintain  maximum  performance. 
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4.  Can  be  shared  with  multiple  servers 
through  VERITAS  ”  SSO. 
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5.  Uses  existing  backup  policies 
and  procedures. 

array  to  stage  your  backup.  But  since  Quantum  has  already  taken  the  guesswork  out 
of  doing  it  yourself,  why  wouldn't  you  choose  the  DX30  for  your  disk-based 
backup  solution? 

Put  it  all  together.  Visit  us  on  the  Web  at  www.quantum.com/diskbackup 

and  enter  Code  ADV050  to  receive  your  FREE  whitepaper  entitled,  "Enhanced 
Backup  —  Delivering  Value  with  an  Optimized  Backup  Appliance." 

O  Speed.  Intelligence.  Confidence.  Simplicity. 

From  the  world's  leader  in  data  protection. 


Hackers 

continued  from  page  50 

probing  addresses,  but  only  sent  one 
attempt  to  each  target.  The  ISP  does  not 


want  its  customers  to  contribute  to  the 
worm  propagation  problem,  so  it  would 
notify  the  customer  who  owns  the  infected 
machine  before  complaints  are  sent  from 
other  networks. 

3:  Snort  alert:  BAD-TRAFFIC  loopback 


traffic 

Number  of  alerts:  26,770 

Possible  malicious  intent:  Spoofing 

Of  these  alerts,  those  with  a  source  IP 
address  of  127.0.0.1  signify  spoofed  traf¬ 
fic.  Tracing  this  packet  back  to  its  true 
source  is  difficult,  if  not  impossible.  On  an 
incorrectly  configured  machine  (or  one 
with  out-of-date  patches),  this  spoofing 
method  could  trick  the  machine  into 
thinking  it  was  talking  to  itself,  giving  an 
attacker  the  ability  to  send  spam  or  steal 
information  from  the  target. 

4:  Snort  alert:  Telnet  logon  incorrect 

Number  of  alerts:  20,874 

Possibly  malicious  intent:  Gain  control  of 
device 

When  we  dug  into  this  series  of  alerts, 
we  found  that  most  of  these  packets  were 
sent  from  only  two  source  addresses  that 
actually  were  sitting  on  the  ISP’s  network. 
With  this  particular  snort  signature,  the 
sensor  flagged  outbound  responses  from 
the  hosts  that  were  being  hit  repeatedly 
with  incorrect  logon  attempts.  This  is  a 
cause  for  concern  because  it’s  likely  the 
two  machines  were  being  hit  by  a  dictio¬ 
nary  attack,  and  if  it  goes  on  long 
enough,  a  compromise  is  likely  to  occur. 

5:  Snort  alert:  ICMP  ping  rules 

Number  of  alerts:  15,047 

Possible  malicious  intent:  Denial-of-ser- 

vice  (DoS)  attack 

Ping  traffic  is  normal.  Ping  is  used  widely 
as  a  troubleshooting  and  diagnostic  tool, 
but  also  is  used  in  scanning  and  DoS 
attacks.  A  change  in  the  pattern  here  would 
be  a  cause  for  alarm.  But  in  this  case,  the 
i-Trap  team  referred  to  its  real-time  statistics 
to  track  the  frequency  of  these  pings. There 
were  no  bursts  of  ping  traffic  hitting  the  net¬ 
work  in  a  relatively  short  time  (5  to  60  min¬ 
utes), so  they  could  conclude  there  was  no 
attempted  DoS  attack. 

6:  Snort  alert:  Formail  rules 

Number  of  alerts:  2,508 

Possible  malicious  intent:  Corrupt  Web 
e-mail 

Formail  is  a  script  used  to  handle  e-mail 
correspondence  through  a  Web  site.  If 
misconfigured.an  attacker  can  use  this  as 
a  launching  point  for  spam.  While  the 
attackers  did  not  find  any  misconfigured 
machines  during  the  two  weeks  we 
tracked  alerts,  i-Trap  officials  said  they 
typically  see  one  incident  per  month 
(that’s  tracked  across  1,500  Web  sites  the 
ISP  hosts)  in  which  the  machine  is  found 
and  subsequently  used  as  a  spam  relay. 

7:  Snort  alert:  NetBIOS  IPC$  share  access 

Number  of  alerts:  1,139 

Possible  malicious  intent  Gain  full  admin¬ 
istrator  rights 

The  IPC$  share  is  an  administrative  fea¬ 
ture  of  Windows  that,  if  achieved  by  a 
hacker,  gives  him  administrative  rights 
over  the  machine.  Breaching  a  share 
requires  three  things:  the  share  name 
(which  is  on  every  Windows  NT, 2000  and 
new  2003  system,  and  cannot  be 


removed  or  renamed),  a  user  name  (the 
default  of  which  is  “Administrator,"  which 
often  is  not  changed),  and  a  password. 
This  feature  should  not  be  accessed  out¬ 
side  of  a  LAN  environment,  so  to  see 
these  share  attempts  coming  from  the 
Internet  is  a  definite  sign  that  someone  is 
trying  to  break  into  these  machines. 

8:  Snort  alert:  RPC  portmap  rules 

Number  of  alerts:  160 

Possible  malicious  intent:  Gain  admin 

rights  to  a  machine 

These  alerts  crop  up  when  hackers  are 
looking  for  unpatched  Linux  and  Unix 
machines.  RPC  vulnerabilities  easily  will 
allow  an  attacker  full  control  of  the  target  if 
they  find  an  unpatched  machine.  There 
were  no  RPC  break-ins  on  our  watch,  but 
it's  worthwhile  to  note  that  the  probes  were 
fairly  constant,  so  system  operators  need  to 
be  pretty  vigilant  about  keeping  RPC  vul¬ 
nerabilities  patched. 

9:  Snort  alert:  SCAN  SSH  Version  map 
attempt 

Number  of  alerts:  13 

Possible  malicious  intent  Gain  adminis¬ 
trator  rights  to  a  machine 

This  is  probing  for  a  vulnerability  in 
Secure  Shell  (SSH),  a  method  used  to 
remotely  gain  administrative  rights  to 
Unix  or  Linux  systems.  There  are  known 
vulnerabilities  in  the  SSH  service,  and 
people  who  use  Linux  tend  to  be  behind 
in  their  patching,  as  it  is  a  manual  process 
unlike  using  Windows  Update.  If  a  vulner¬ 
able  system  is  found,  the  flaws  in  SSH  will 
allow  an  attacker  full  control  of  the  sys¬ 
tem.  There  was  no  evidence  of  a  success¬ 
ful  SSH  during  our  two-week  period. 
These  attempts  typically  come  at  the  net¬ 
work  in  groups  but  at  a  low  volume,  so 
they  usually  can  be  reviewed  manually  to 
see  if  a  compromise  occurred. 

10:  Snort  alert:  Policy  FTP  rules 

Number  of  alerts:  11 

Possible  malicious  intent:  Store  contra¬ 
band  files 

These  alerts  are  triggered  when  an  FTP 
logon  is  successful  —  whether  through  an 
anonymous  account  or  otherwise  —  and 
the  user  is  digging  around  in  the  FTP  serv¬ 
er.  In  particular,  these  rules  are  usually 
indicative  of  somebody  setting  up  a  warez 
distribution  site.  They  indicate  the  user  is 
attempting  to  clock  the  speed  of  the  server, 
create  hidden  directories,  and  access  stor¬ 
age  on  the  site  to  which  they  shouldn’t 
have  access. 

Eric  Bowser  of  I-Trap  and  Network  World 
Global  Test  Alliance  member  Joel  Snyder 
of  Opus  One  contributed  to  this  story. 

More  online! 

I-Trap  evaluates  which 
ports  are  most  likely  to 
come  under  attack  from 
hackers  and  why. 
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Digital  Document  Security 
and  IT:  Everything  you 
need  to  know. 

QWhat  are  the  most  significant  digital  copier 
•  security  issues? 

A#  Various  copier  print  controllers  are  actually  servers 
•  that  queue  and  permanently  store  multiple 
document  files,  providing  administrator  access  to  the 
documents.  At  a  minimum,  most  digital  copiers  retain  the 
last  document  processed;  some  even  retain  multiple 
documents  totaling  hundreds  of  pages.  Others  redirect 
print  jobs  when  the  printer  is  busy  or  jammed,  making 
"denial  of  service"  attacks  possible. 

*  How  does  Sharp  protect  the  network  interface? 

A#  The  Sharp  Ethernet  card  allows  administrators  to 
•  restrict  access  and  disable  unnecessary  protocols. 
With  this  network  card,  the  Sharp  digital  copier  is 
essentially  protected  by  its  own  firewall. 

Qe  How  can  you  be  sure  that  security  products 
•  actually  perform  as  claimed? 

A#  The  Common  Criteria  program — administered  by 
•  the  U.S.  National  Security  Agency  and  the  National 
Institute  of  Standards  and  Technology — evaluates 
security  solutions.  Products  that  are  validated  under  the 
program  meet  security  levels  consistent  with  ISO  15408 
methodology. 

*  How  can  Sharp  improve  IT  security? 

A#  Sharp  offers  print  privacy  solutions  designed  to 
•  restrict  unauthorized  personnel  from  seeing 
confidential  materials.  Copier  access  can  be  controlled 
and  monitored,  while  documents  retained  in 
printer/copier/scanner/fax  memory  are  immediately 
cleared  to  eliminate  unauthorized  access. 

sharpusa.com 


be  sharp" 
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How  secure 


Protect  your  information  with  the  Data  Security 
Kit  from  Sharp.  Financial  facts,  personnel  records, 
customer  lists:  networked  copiers/printers  process 
sensitive  information  every  day.  Unfortunately,  their 
hard  drives  can  also  be  accessed  via  the  network, 
contributing  to  $60  billion  worth  of  information 
theft  every  year.*  To  protect  this  weak  link  in  your 


Common  Criteria 


is  your  digital  information? 


corporate  security,  we've  created  our  Data  Security 
Kit.  It's  the  first  copier  and  printer  protection  to 
be  validated  by  Common  Criteria,  a  government- 
sponsored  program,  and  it's  available  only  with 
our  Digital  IMAGER™  series  of  copiers/printers. 
Sharp's  Data  Security  Kit.  Enhanced  information 
protection  at  your  fingertips,  sharpusa.com/security 


Internet  security 


The  ROI  of  network  security 

Network  security  can  be  a  tough  sell,  but  there  are  ways  to  convince 
your  CFO  that  investing  in  security  is  a  cost-effective  move. 


BY  KATHRYN  KOROSTOFF 


Network  security  is  one  of  the  hard¬ 
est  technology  categories  for  which 
to  create  an  ROI  analysis.  The  funda¬ 
mental  problem  is  determining  the 
value  of  preventing  security  breaches, 
which  constitutes  the  “savings”  in  an 
ROI  calculation  of  savings  divided  by 
cost. 


Network  security  savings  equals  cost  of 
security  breach 

Think  of  this  value  as  landing  somewhere  along  a 
security  consequences  continuum.  At  one  extreme  of 
the  continuum  (“no  consequences”)  are  those  organi¬ 
zations  that  would  get  no  value  from  network  security. 

In  this  unlikely  extreme,  the  organization  would  expe¬ 
rience  no  costs  in  the  event  of  a  Web  site  being  hacked, 
company  information  being  stolen,  or  network 
resources  being  unavailable. 

At  the  other  extreme  (“dire  consequences”)  is  a  com¬ 
pany  in  which: 

•  The  Web  site  is  so  critical  that  every  5  minutes  of 
downtime  can  be  directly  correlated  to  revenue 
loss. 

•  Lost  information  has  clear  costs,  such  as  legal  costs 
from  liability  in  the  event  of  confidential  client  infor¬ 
mation  being  stolen. 

•  Network  resource  downtime  causes  employee  work 
stoppage,  such  that  the  employees  literally  can  not 
work,  and  the  cost  of  the  breach  is  the  employees’ 
salaries. 

A  strong  case  also  can  be  made  for  the  unquantifiable 
costs  of  network  security  breaches.  But  because  these 
items  are  not  directly  measurable.it  is  best  simply  to 
pose  them  to  your  CFO  or  other  non-IT  management  for 
their  input: 

•  If  our  clients  find  out  we  had  a  breach,  would  they 
become  less  loyal  to  us?  Can  this  be  quantified? 

•  If  it  took  us  more  than  eight  hours  to  respond  to  a 
breach  (because  it  happened  at  midnight  and  we 
didn’t  know  about  it  until  8  a.m.the  next  day), 
would  there  be  any  ramifications  (with  our  clients, 
suppliers  or  employees)?  Can  this  be  quantified? 

Part  of  the  challenge  is  in  figuring  out  where  on  the 
security  consequences  continuum  your  organization 
lies.Two  ways  of  determining  this  are  as  follows: 

1.  Has  your  organization  experienced  breaches  in 
the  past,  and  if  so,  what  was  the  impact? 


•  How  many  hours  did  the  IT  staff  have  to  work 
to  bring  the  Web  site  up  (if  it  was  hacked)? 

•  How  many  hours  of  employee  productivity  were 
lost? 

•  Were  there  financial  ramifications  (legal,  competi¬ 
tive)  because  of  lost  information? 

At  the  time  of  the  breach,  the  mad  rush  to  correct  the 
problem  often  overshadows  the  need  to  document  its 
impact.  Still,  in  hindsight  you  might  be  able  to  recreate 
the  scene  of  the  crime. 

2.  Have  any  of  your  competitors  experienced 
breaches? 

•  Can  you  quantify  their  losses  (for  example, 
did  their  downtime  result  in  additional  busi¬ 
ness  for  your  company)? 

Sometimes  1  talk  to  network  executives  who  have  not 
experienced  a  breach  but  know  of  events  experienced 
by  their  competitors  and  have  told  me  (if  a  little  glee¬ 
fully)  about  the  impact: “Their  Web  site  was  down  for  a 
whole  day  and  our  online  sales  went  up  20%.”That  can 
be  translated  into  the  competitor  losing  that  20%  of 
revenue. 

Network  security  costs 

The  costs  of  network  security  investment  are  quite 
broad. There  are  several  categories  of  products  and  ser¬ 
vices  in  which  a  company  might  choose  to  invest  — 
from  firewalls,  intrusion-detection  systems,  authentica¬ 
tion  systems  and  anti-virus  tools,  to  various  software 
tools  that  monitor  servers  and  network  devices,  and 
raise  alerts  triggered  by  suspicious  activities. 

There  are  even  fingerprint  readers  available  for  less 
than  $200  per  device.  And  for  those  organizations  at  the 
“dire  consequences”  end  of  the  continuum,  a  24-7 
monitoring  service  also  might  be  a  justifiable 
expense. 

Calculating  the  ROI 

All  ROI  analysis  is  based  on  a  given  solution’s  costs 
and  its  savings  or  revenue  generation. The  graphic 
on  the  right  lists  potential  sources  of  both  for  net¬ 
work  security. 

As  is  commonly  observed,  investing  in  network 
security  products  is  like  buying  insurance. You  pay 
upfront  to  protect  yourself  against  a  possible  calam¬ 
ity.  For  organizations  that  don’t  have  a  quantifiable 
risk,  perhaps  very  little  investment  is  warranted.  But 
for  those  at  the  “dire  consequences”  end  of  the 
continuum,  network  security  investment  is  as 
vital  as  earthquake  coverage  for  homeown¬ 
ers  residing  near  the  San  Andreas  Fault. 

Korostoff  is  president  of  Sage  Research  in 
Natick,  Mass.  She  can  be  reached  at  kko- 
rostoff@sageresearch.  corn. 


Cost  vs.  cost 

Balancing  the  cost  of  network  security 

against  the  cost  of  not  implementing 

network  security. 

With  network  security 

Common  investments  include: 

•  Firewalls. 

•  Intrusion-detection  systems. 

•  Web  filter/content  filtering  system. 

•  Anti-virus  software. 

•  Monitoring  tools. 

•  Authentication  solutions  (such  as  RSA’s 
SecurelD). 

•  Staff  security  specialists  (or  consultants 
to  provide  the  necessary  ongoing 
maintenance  of  security  products). 

•  24-7  monitoring  service. 

Without  network  security 

Common  questions: 

•  Cost  to  organization  if  Web  site  is 
hacked? 

•  Cost  of  information  loss?  (potential  for 
competitors  to  gain  access  to  proprietary 
information,  potential  loss  of  credibility 
with  clients,  potential  litigation  costs  of 
information  that  is  considered 
confidential) 

•  Network  resource  downtime  (number  of 
employees  potentially  impacted  by  their 
salary  costs  to  the  company. 


Eliminate  807.  of  time  spent  resolving  problems 
Solve  507  of  downtime  causes 
Empower  higher  IT  productivity 


A  New  School  of  Thought 

What’s  good  for  security  is  good  for  operations. 


Tripwire®  reduces  operational  risk  and  ensures  the  security 
and  availability  of  your  networks.  By  immediately  detecting 
and  pinpointing  change,  Tripwire  provides  stretched  IT  staffs 
with  increased  visibility  and  control.  The  result?  A  high  level 
of  security  and  complete  confidence  in  the  integrity  of  IT 
operations  across  the  enterprise. 

Tripwire  is  the  only  way  to  have  1 00%  confidence 
that  systems  remain  uncompromised. 

The  Integrity  Assurance  Company. 


FREE  30-day  fully-functional  demo  & 

White  paper  “What’s  Good  for  Operations  is  Good  for  Security”, 

Call  1  -800-TRIPWIRE  (874.7947)  or 
Visit  http://networld.tripwire.com  today! 


©  Copyright  2003.  Tripwire  and  the  Tripwire  logo  are  registered  trademarks  of  Tripwire,  Inc. 
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WHAM!  Wireless  has  exploded.  Your  options?  Staggering.  Opportunities?  Endless.  But 
beware. ..danger  abounds!  One  wrong  decision  could  expose  your  data.  Weaken 
your  security.  Degrade  network  performance.  And  drain  profits  enterprisewide. 

Are  you  ready  to  make  crucial  decisions  that  just  won't  wait?  Join  us  for  Wireless  LANs: 
Smart  Growth  for  802.11  Networks  a  new  Network  World  Technology  Tour  event.  Discover 
the  relative  advantages  of  802.1 1  g,  b  and  a  standards.  The  sudden  advances  in  wireless 
roaming.  The  hidden  risks  of  wireless  voice  and  video.  The  real  reasons  behind  the  push  to 
WPA  protocols.  And  the  crucial  role  of  3G  in  the  wireless  arena. 

Let's  face  it,  wireless  is  hot.  But  that  just  puts  more  heat  on  you.  So  don't  miss  this  exclusive 
event.  Harness  the  power  of  today's  802.1 1  explosion  and  put  it  to  work  for  the  future  of 
your  enterprise. 

Advance  Reservation  by  Qualified  Professionals  is  Required 
for  Complimentary  Attendance 

REGISTER  NOW! 

Online  at  www.nwfusion.com/events/wlan2 
or  call  1-800-643-4668 


■  KEYNOTE  SPEAKER 
Tom  Henderson 

Principal  Researcher,  Extreme  Labs,  Inc. 
Member,  Network  World's  Global  Test 
Alliance 


An  ahead-of-the  curve  event  for: 


►  CIOs 

►  IT/IS  managers/directors/executives 

►  Network  and  security  architects 

►  Network  and  security  managers 

►  Systems  managers/administrators 

►  LAN/WAN  administrators 


Top  5  Takeaways: 


►  latest  on  developing  802.11  standards 

►  optimum  techniques  for  deploying  WLANs 

►  most  effective  wireless  security  solutions 

►  leading  applications  for  WLANs 

►  strategies  that  overcome  structural 
interference 


This  event  is  limited  to  Network  and  IT 
professionals  involved  in  the  evaluation, 
purchase  and  implementation  of  wireless 
LAN  products  and  services. 
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Taking  IT  offshore 

Where  are  the  hot  spots  for  offshore  outsourcing? 
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■  BY  LINDA  LEUNG 

Offshore  outsourcing:  Like  it  or  loathe  it, 
the  ability  to  get  the  same  work  done  for 
less  money  by  overseas  workers  is  likely  to 
be  a  big  draw  for  U.S.  corporations  strug¬ 
gling  to  remain  competitive. 


The  recent  news  that  IBM  executives  met  to  dis¬ 
cuss  shipping  IT  jobs  overseas  has  generated  con¬ 
troversy.  But  IBM  is  just  one  of  a  score  of  organiza¬ 
tions  that  have  discussed  offshore  outsourcing 
options.  According  to  Gartner,  by  2004  more  than 
80%  of  all  U.S.  companies  will  have  considered  shift¬ 
ing  U.S.  IT  jobs  overseas,  while  40%  of  all  U.S.  orga¬ 
nizations  will  have  completed  some  type  of  pilot  or 
will  source  IT  services  from  non-U.S.-based  service 
providers. 

In  addition  to  the  cost  benefits,  shunting  tasks 
such  as  programming  and  application  migration  to 
foreign  lands  frees  up  in-house  staff  to  work  on  more 
strategic  developments. 

As  offshore  service  providers  get  more  experi¬ 
enced  at  dealing  with  U.S.  corporations,  they  are 
beginning  to  move  up  the  value  chain  to  offer  busi¬ 
ness  process  outsourcing,  call  center  outsourcing 
and  network  infrastructure  management. 

Countries  such  as  Canada,  India  and  the  Philippines 
are  good  locations  for  service  providers  offering  net¬ 
work  management  outsourcing,  says  Debashish 
Sinha,  principal  analyst  of  IT  services  and  sourcing  at 
Gartner.  Those  regions  offer  large  pools  of  highly 
trained  workers,  have  a  modern  telecom  infrastruc¬ 
ture  and  are  likely  to  be  able  to  make  the  required 
capital  investment  in  building  network  management 
centers. 

“The  Philippines  is  an  archipelago  that  has  high¬ 
speed  underseas  telecom  cables  between  the 
islands  right  up  to  the  management  centers,”  Sinha 
notes,  in  comparison  to  continental  regions  that 
might  rely  on  older,  domestic  pipes. 

On  the  other  hand,  countries  that  don’t  have  an 
expansive  pool  of  workers  or  can’t  afford  big  capital 
investments  instead  often  concentrate  in  niche 
areas.  Russia,  for  instance,  offers  scientists  and 
mathematicians  who  can  help  solve  large-scale, 
complex  technical  problems.  There,  an  average 
developer  salary  is  about  $7,500  per  year,  according 
to  Gartner. 

This  guide  will  show  you  which  regions  offer  off¬ 
shore  outsourcing  and  the  types  of  services  local 
providers  offer.  ■ 


Canada: 

More  nearshore 
•  than  offshore, 

Canada’s  cultural 
compatibility  and 
time  zones  are  obvious 
benefits  to  U.S.  organiza¬ 
tions  considering  a  safer  first  step 
to  outsourcing  to  foreign  lands.The 
country's  telecom  infrastructure 
lets  our  northern  neighbor  offer 
network  management  services. 

Specialty:  Applications  development, 
business  process  outsourcing,  call 
center. 

Quality  indicators:  High:  Govern¬ 
ment  support,  labor  pool,  infra¬ 
structure,  educational  system,  cul¬ 
tural  compatibility,  legal  system. 
Medium:  Cost,  process  quality. 
Low:  Globalization  skills. 


China: 

China  could  be  one 
of  the  top  three  off¬ 
shore  countries  as 
the  region  matures 
between  2007  and 
2010.  The  cost  of  its  work¬ 
force  is  20%  to  40%  less  than 
India's,  and  doing  business  with 
China  is  attractive  given  its  entry 
into  the  World  Trade  Organization. 

IT  workers  have  strong  Linux  skills, 
and  the  region's  role  as  host  of  the 
2008  Olympics  should  enable  it  to 
improve  the  national  infrastructure. 
However,  its  weaknesses  include 
problems  with  software  piracy,  poor 
levels  of  English  language  skills  and 
lack  of  technical  innovation. 

Specialty:  Embedded  software,  hard-^ 
ware  services,  localization,  applica¬ 
tion  development. 

Quality  indicators:  High:  Government 
support,  cost,  globalization  skills. 
Medium:  Infrastructure,  educa¬ 
tional  system.  Low:  Labor  pool, 
process  quality,  cultural  com¬ 
patibility,  legal  system. 


India: 

With  415,000  IT 
pros  and  70,000 
newbies  entering 
the  workforce  each 
year,  India  is  the 
dominant  offshore  player. 
Beyond  legacy  maintenance  and 
staff  augmentation,  providers  now 
offer  infrastructure  outsourcing, 
e-business  development  and  appli¬ 
cations  integration. 

Challenges  include  cultural  differ¬ 
ences  with  the  U.S.,  perception  that 
providers  take  a  subservient 
approach  to  their  work  (customers 
want  providers  to  challenge  their 
thinking),  and  increased  competi¬ 
tion  from  other  countries. 

Specialty:  Applications/product 
development,  business  process  out¬ 
sourcing,  call  centers. 

Quality  indicators:  High:  Government 
support,  labor  pool,  educational 
system,  cost,  process  quality. 
Medium:  Globalization  skills,  infra¬ 
structure.  Low:  Cultural  compatibil¬ 
ity  with  U.S.,  legal  system. 


Quality  indicators:  High:  Government 
support,  infrastructure,  educational 
system,  process  quality,  cultural 
compatibility,  legal  system. 

Medium:  Labor  pool.  Low:  Cost, 
globalization  skills. 

Israel: 

Like  Ireland,  Israel 
has  a  smaller 
•  labor  pool  and  so 
has  had  to  spe- 
cialize.The  country's 
higher-education  system 
has  helped  to  produce  savvy  IT  pros. 

Specialty:  High-end  systems,  learn¬ 
ing  systems. 

Quality  indicators:  High:  Infra¬ 
structure,  educational  system,  cul¬ 
tural  compatibility.  Medium: 
Government  support,  labor  pool, 
cost,  process  quality,  legal  system. 
Low:  Globalization  skills. 


Philippines: 

Business  and  IT 
services  have 


•  ■ 

become  a  target 

for  the  Philippine  1 


Ireland: 

Gartner  lists 
•  Ireland  as  an 

example  of  a 
region  without  a 
vast  labor  pool  that 
is  focusing  on  high- 
value  offerings.  It’s  regarded  as  one 
of  the  leading  countries  for  packaged 
applications  and  product  develop¬ 
ment,  as  well  as  internationalization 
experience  and  software  localization. 

However,  labor  cost  is  high  com¬ 
pared  to  other  offshore  countries. 
According  to  the  OffshorelTout 
sourcing.com  Web  site,  a  program- . 
mer  in  Ireland  costs  roughly  $25,000 
to  $40,000  per  year,  compared  tp 
$6,000  to  $20,000  per  year  in  India. 


r- 


Specialty:  Packaged  applications, 
product  development,  high- 
end  systems. 


government,.. 

Strengths  include  a 
high  level  of  English  language  profi- 
ciency;  a  consultative,  customer-  -.. 

service-oriented  workforce;  and  I 

high-quality,  low-cost  labor.  -  '  I 

Weaknesses  include  low  awareness  ■  :  ‘f  • 
of  the  Philippines  as  an  offshore  -  %  % 
contender,  lack  of  experienced^ 
operations  management tearo^1  and 

migration  of  workers  to  the  U.S. 

' 

Specialty:  Call  centers,  hysinessT  tvf^ 
process  outsourcing,  animation'.  >. 
application  development.  ,  ;• 

.  •_  ■ 

Quality  Indicators:  High:  Cpst,;  cuLLpv' 
tural  compatibility.  Medium: 

Government  support?  latopPpbdJ' ' '  ’’ 
i nfrastructure.  educatidhaie^it 
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EASIER  TO  USE 

•  Auto-configuration  simplifies  set-up.  The  system  automatically 
addresses  the  ports,  appliances  and  computers  for  you 

•  Intelligent  AMIQ  interface  modules  remember  your  configuration, 
so  it’s  easy  to  install,  maintain  or  move  your  servers 

•  Graphical  AMWorks  administration  software  and  mouse-driven 
on  screen  menus  are  simple  to  navigate  and  control 


MORE  ADVANCED  FEATURES 

•  Scalable  architecture  grows  with  your  server  room 
•Supports  multi-rack  PS/2,  Sun  and  USB  server  environments 

•  Full  non-blocked  access  to  servers  and  serial  devices 

•  End-to-end  CAT  5  connections 

•  Save  rack  space  -  1  U  switch  supports  up  to  8  users  and  32 
servers;  2U  switch  supports  up  to  16  users  and  64  servers 

•  Multi-level  security  and  password  protection  for  each  user 

•  Multiple  users  can  share  access  to  the  same  server 

•  Share,  private,  scan  mode  available  to  all  users 


Smarter, 


wmtmm 


Simpler  KVM  Switching 


•  AMIQ  computer  interface  module  retains  the  unique  ID  and  server  name, 
so  reconfiguration  and  expansion  is  as  simple  as  switching  the  cable* 


•  Exclusive  AutoTuning™  optimizes  video  performance  over  UTP  cable,  at 
any  distance 

•  Build  customized  user  profiles  and  centralize  control  of  connected  servers 
with  AMWorks  -  Java-based  system  software  included  with  each  switch 


•  All  system  components  can  be  flash  upgraded  simultaneously  with  just  a 
few  clicks  of  the  mouse 


Call  for  an  Avocent  Authorized  Reseller  near  you 


1  866286-2368 


Make  the  smart  switch.  Download  our  Definitive  KVM 
Buyer’s  Guide  at  www.avocent.com/advantage 

I  or  call  1-866-286-2368. 


KVM  OVER  IP  and  The  P?wer  erf  Betng  There  are  trademarks  ot  Avocare 


AvocenL 

The  Power  of  Being  There- 


Console  Management 


■ff||  Selecting  the  right  components  for  your 

network  is  often  a  challenging  decision.  '* ' 

With  our  AlterPath  PM8,  you  can  remotely 
re-boot  your  system  with  just  a  few  mouse  clicks. 

By  integrating  the  AlterPath  PM8  with  our 
award-winning  AlterPath  ACS,  you  combine 
power  and  console  management.  Now  you  can  1 Wk 

command  all  your  infostructure  with  secure  authentication 
and  bulletproof  encryption  as  demanded  by  todays' 
mission-critical  applications  all  in  one  single  session  -  anytime,  anywhere 


AlterPath  ACS 


AlterPath  PM8 


Power  Management 


Command  Your  Network 
With  Cyclades 


Integrated  Power 

Console  and  power  control  from  one  session,  • 

and  Console 

no  need  to  memorize  ports  and  addresses 

b 

Security 

SSH  v2,  strong  authentication,  encryption  and 

IP  filtering  on  both  power  and  console  access 

Daisy  Chain 

Daisy  chain  power  distribution  units  to  control 

w£m 

any  number  of  devices  from  a  single  serial  port 

Best  Hardware  for 
Linux  since  1995 


www.cyclades.com/ nw 

1 .888. cyclades 
sales@cyclades.com 


cyclades 
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Rose  Electronics  •  10707  Stancliff  Road  ■  Houston,  Texas  77099 


CrystalView™  Pro 

DIGITAL  KVM  EXTENDER 

OVER  FIBER  OR  CAT  5 

♦  Extends  KVM  signals  up  to  33,000 
feet  away 

♦  Uses  only  two  fibers  or  single  Cat  5 

♦  Supports  DVI/VGA,  PC,  Sun,  USB, 
optional  Audio/Serial 

♦  Single  or  dual  (dual  supports 
second  KVM  station) 

♦  Up  to  1600x1200  resolution 


CrystalView™  Rack 
CAT 5 KVM  EXTENDER 

♦  Extends  the  distance  from  6  or  1 2 
PC’s  up  to  1 000  feet  away 

♦  optional  serial/audio 

♦  Single  or  dual  (dual  supports 
second  KVM  station) 

♦  Up  to  1600x1200  resolution 


UltraLink™ 
REMOTE  KVM  ACCESS  OVER  IP 

i  Connect  to  remote  computer  over  Ethernet  or  dial-up 
Single,  dual,  quad  models 

Local  KVM  port  to  access  computers  at  UltraLink  unit 

Modem  port  with  dial-back  security 

Up  to  1 280x1 024  resolution,  supports  all  platforms 

Easy  to  install,  give  it  an  IP  address  and  run  the 
remote  client,  no  licensing  required 

Scaling  of  computer  image  reduces  amount  of  data 
sent  and  permits  fast  screen  updates  over  slow  links 

Quad  screen  mode  allows  you  to  see  four  servers 
from  one  screen 

SSL  security  and  passwords  prevents  unauthorized 
access 


USA  toll  free  800  333  9343 
ROSE  US  281  933  7673 
ROSE  Europe  +44  (0)  1264  850574 
ROSE  Asia  +65  6324  2322 

WWW.ROSE.COM 
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CrystalView™  Mini 
CAT 5  KVM  EXTENDER 

♦  Extends  KVM  station  up  to  150 
feet  away 

♦  optional  serial/audio 

♦  Single  or  dual  (dual  supports 
second  KVM  station) 

♦  Up  to  1280x1024  resolution 


CrystalView™ 

CAT 5  KVM  EXTENDER 

♦  Extends  your  KVM  station  up  to 
1000'  from  your  computer 

♦  Supports  PC,  Sun,  or  USB, 
optional  Audio/Serial 

♦  Single  or  dual  (dual  supports 
second  KVM  station) 

♦  Up  to  1 600  xl  200  resolution 

♦  Available  as  standalone,  rack 
mounted,  or  high  density  chassis 


EQUINOX'  “Serial  Ports  Over  IP” 


an  Avocent  Company 


•  C.  +5  • 

The  ESP-2  Ml  is  a  compact  Multi-Interface,  2-port  serial  hub  that  provides  versatile  RS-232,  RS-422  and  RS-485 
support  for  industrial/manufacturing  and  a  wide  variety  of  commercial  applications. 

•  NEW  web  management  utility  simplifies  configuration  and  administration  *  F— 

•  Supports  RS-232,  RS-422  and  RS-485  serial  protocols 

•  Ideal  for  industrial/manufacturing  environments  and  other  commercial  applications 


Web  browser 
management 
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The  Family  of  Equinox  ESP  10/100  Serial  Hubs  provide  “Serial  Ports  Over  IP” 

Place  serial  COM  ports  at  the  point  of  need  and  eliminate  the  cabling  nightmare.  Our  Multi-Interface  serial  hubs  allow 
soft-selection  of  RS-232,  RS-422  and  RS-485  serial  interfaces  on  a  per  port  basis.  Equinox  Serial  Hubs  offload  virtually 
all  serial  traffic  from  the  host  server  so  your  ports  are  finally  freed  from  the  confines  of  your  server  -  ideal  for  peripheral 
sharing.  Includes  1 5KV  surge  protection  on  every  pin  of  every  port. 


Make  your  serial  devices 
IP  ready  with  Equinox  ESP 

Serial  Hubs! 


Download  your  free  white  paper:  Optimizing  Manufacturing  Infrastructure  Using  Ethernet  Serial  Hubs  at 
http://www.equinox.com/wpdownload272.cfm 

For  a  FREE  30-day  product  evaluation,  call  1-800-275-3500  ext  615  or  954-746-9000  ext  615 


c  2903  Equinox  Systems,  an  Avocent  Company.  All  rights  reserved.  All  brand  names  and  product  names  are  trademarks  or  registered  trademarks  of  their  respective  holders. 
One  Equinox  Way,  Sunrise  FL  33351  email:  sales@equinox.com  tor  international  customers  email:  mtlsales@equinox.com 


Experience  Counts.  GTA  incorporates 

eight  years  of  firewall  experience  into 
5  new  firewall  appliances  for  the  SME 
market.  With  features  including  VPN 
hardware  acceleration,  high  availability, 
content  filtering  and  gigabit  support, 
GTA  offers  complete  firewall  solutions 
at  a  price  SME  businesses  can  afford. To 
learn  more  about  our  family  of  firewalls 
visit  our  website  or  contact  a  GTA 
channel  partner. 


1200 


1500 


-4GTA:'  www.gta.com  ;ii 
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■  Secure  Shell  (SSHv2)  Encryption 

■  Simultaneous  SSH  or  Telnet 


The  SCM-16  Secure  Console  Management  Switch  provides  in-band  and 
out-of-band  access  to  RS232  console  ports  and  maintenance  ports  on  UNIX 
servers,  routers  and  any  other  network  elements  which  have  a  serial  console 
or  craft  port.  System  administrators  can  access  serial  maintenance  ports 
over  the  network  via  SSH  connections  and  simple  menu-driven  commands, 
or  through  a  discrete  TCP  port  connection  mapped  directly  to  one  of  the 
SCM-16  serial  outputs. 


Visit  website  for  complete  NetReach™  product  line. 


■  Non-Connect  Port  Buffering 

■  SYSLOG  Reporting 
IM  SNMP  Capability 

■  Any-to-Any  Port  Switching 
*  IP  Security  Features 

■  10/100  Base-T  Ethernet  Port 

■  Port-specific  Password  Protection 

■  Data  Rate  Conversion 

■  1 1 5/230 VAC  or  -48VDC  Models 


SSH  or  Out-Band  Access  to 
Consoles  at  Remote  Locations 


(800)  854-7226  •  www.wti.com 

5  Sterling  •  Irvine  •  California  92618-2517 
(949)  586-9950  •  Fax:  (949)  583-9514 


western  telematic  incorporated 


There  Is  A  Better  Way  To  Troubleshoot  &  Manage  Your  Network 


OBSERVER 


EXPERT 

OBSERVER 


OBSERVER 

S  U  T  T  E 


Quickly  Pinpoint,  Pre-solve  & 
Prevent  Network  Problems 


Observer 

ms 


txpert  Observer 

Observer  Suite 

*2325  *3995 


Observer® — Quickly  identifies  network 
trouble  spots  and  costs  thousands  less  than 
expensive  hardware-based  analyzers. 
Observer  provides  metrics,  capture,  and 
trending  for  both  shared  and  switched 
environments. 

•  Full  packet  capture  and  decode  for  over 
500  protocols,  including  TCP/IP  (v4  &  v6), 
NetBIOS/NetBEUI,  XolP,  SNA,  SQL,  IPX/SPX, 
Appletalk  and  many,  many  more! 

•  Switched  mode  sees  all  ports  on  a  switch 
gathering  statistics  from  an  entire  switch  or 
capture/statistics  from  any  port(s) 

•  Long-term  network  trending  collects 
statistical  data  for  days,  weeks,  months, 
even  years 

•  Real-time  statistics  include  Top  Talkers, 
Bandwidth,  Protocol  Statistics,  and 
Efficiency  History 

•  Ethernet  (10/100/Gigabit),  Token  Ring, 
FDDI,  and  Wireless  802. 1 1 — no  need  to 
purchase  separate  tools 


•  Windows®  98/Me/NT/2000/XP  compatible 

•  Over  4,000  frame  types  recognized 

Expert  Observer — Identifies  problems  and 
provides  Expert  information  in  plain  English. 

Includes  all  of  the  features  of  Observer  plus 
real-time  and  post-capture  expert  event 
identification  and  analysis — new  SQL  and 
Frame  Relay  experts  add  to  the  many  other 
protocols  covered,  time  synchronization 
technology,  and  modeling  of  network  traffic. 

Observer  Suite — The  ultimate  tool  for 
the  most  demanding  power  user. 

Provides  a  full  complement  of  tools  that 
includes  all  of  the  features  of  Expert 
Observer  plus  SNMP  management,  RMON 
console/Probe  and  Web  reporting.  Includes 
one  remote  Probe. 

If  you  have  any  network  problems,  find 
out  the  cause  with  Observer,  Expert 
Observer,  or  Observer  Suite. 


Call  800-526-7919  or  visit  us  online  for  a  full-featured  evaluation: 

www.NETWORKINSTRUMENTS.com 

US  (952)  932-9899  •  Fax  (952)  932-9545  •  UK  &  Europe  +44  (0)  1959  569880  •  Fax  +44  (0)  1959  569881 


INSTRUMENTS 


©2002  Network  Instruments,  LLC.  Observer,  "Network  Instruments"  and  the  “N  with  a  dot"  logo  are  registered  trademarks  of  Network  Instruments,  LLC. 
All  other  trademarks  are  property  of  their  respective  owners. 
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Network  Cables 

Cisco  and  Fiber 
Cabling 

Printer,  Modem  VGA 
Cables  and  Adapters 

Enclosures 


Power  Adapters 
Cooling^  Solutions 
Laptop  Accessories 
Racks 

Rack  Accessories 


Power  Distribution 
_ Pewices 

Security  Hardware 

Surge  Protectors 

UPS  Cables  and 
Accessories 

UPS  Management 
_ Peripherals 

UPS  Management 
Software 

UPS  Replacement 
Batteries 


BuyUptime.con 

Your  One-Stop  Shop  for  high  availability  products 


High  Availability  Made  Easy  - 

BuyUptime.com  is  a  leading  supplier  of  end-to-end  UPS  power,  thermal  cooling,  and  management  solutions. 
Visit  us  today  to  find  the  high  availability  solution  that  is  right  for  you. 

Power  Protection  and  Management  Solutions! 


Power  Protection  for  Servers 
and  Network  Peripherals 

•  Protects  your  hardware  and  data  by  supplying 
network-grade  battery  back-up  power 

>  Robust  diagnostics  allow  network  administrators  to  solve 

problems  before  they  happen 

Protects  anything  from  single  servers  to  fully  populated  racks 
•  Includes  Power  Management  software  with  purchase! 


Network  Power  Management 

Accessories 

•  Metered  outlet  strips  for  Racks/Enclosures 
provide  alarm  thresholds,  toolless 
mounting  abilities 

•  Portfolio  of  software  and 
enhancement  cards  for 
administration  and 
monitoring  of  APC  devices 

•  Many  power  management  peripherals  to 
supply  your  application  needs 


•>  . . 
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•Prices  include  standard  shipping 


Order  via  our  promo  page  and  save 

Visit  http://promo.buyuptime.com 

and  enter  Key  Code:  m702y 


Or  Call  Toll  Free: 


888-288-8843  to  order. 

Fax:(877)411-2080  •  e-mail:customerservice@buyuptime.com 
801  Corporate  Centre  Drive,  St.  Charles,  MO  63304  •  BY2A3EP-US 
©2003  Systems  Enhancement  Corp.  All  Trademarks  are  the 
property  of  their  owners. 
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'Industrial-strength 
SUperb'-PC  NtogaJn 


a-B-i-f  n Instantly  Search 
Ql9CdlCI1  Gigabytes  of  Text 

♦  Search  across  networks,  intranets,  and  web  sites 

♦  Publish  large  document  collections  to  web  or  CD/DVD 

♦  over  two  dozen  indexed,  unindexed,  fielded  and  full-text  search  options 

♦  highlights  hits  in  HTML  and  PDF  while  displaying  embedded  links, 
formatting  andllnLM^ 

♦  converts  other  file  types— word  processor,  database,  spreadsheet,  email, 

ZIP,  XML,  Unicode,  etc.— to  HTML  for  display  with  highlighted  hits 

♦  developer  products  have  easy  wizard-based  setup;  optional  API 


“Searches  at  blazing  speeds”  -Computer  Reseller  News  Test  Center 

“Very  powerful ...  a  staggering  number  of  ways  to  search” 

-Windows  Magazine 


‘Intuitive  and  austere  ...  a  superb  search  tool”  -PC  World 


dtSearch  “covers  all  data  sources ...  powerful 
Web-based  engines”  -eWEEK 

“Blindingly  fast”  -Computer  Forensics:  Incident  Response  Essentials 

“A  powerful  text  mining  engine  ...  effective  because  of  the  level 
of  intelligence  it  displays”  -PCM 

In  the  past  year  alone,  over  half  of  the  current  Fortune  10 
have  purchased  developer  or  network  licenses. 

1 -800-IT-FINDS  for: 

salp«;(3>riteparrh  rnm  ♦  developer  case  studies 

saiesf9a1searcn.com  +  fully-functional  evaluations 
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Network 

from  $800 


NetworkWorfd 

THE  HUB  OF  THE  NETWORK  BUY 


Packet  Sniffing  Made  Simple 


Iris®  Network  Traffic  Analyzer 


Decoding  and  Reconstruction 
of  Network  Traffic 


0IKIS  V.l.b 


Rte  View  Capture  Decode  Filers  Tools  Help 


Network  Activity  Monitoring 
Comprehensive  Traffic  Stats 


•  Keyword  Filtering 

•  Alerting  Capabilities 
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Download  a  FREE  Whitepaper  and  FREE  Trial  of  Iris: 
www.eEye.com/Freelris  or  call  866.282.8276 


}  Intel  8255x -based  Ii 


Iris  Network  Traffic  Analyzer  enables  instant  capturing,  decoding, 

<e> 

and  visual  reconstruction  of  network  activity. 

eEye*  Otgital  Security 

SENSAPHONE* 

irvis 


Sends 

SNMP 

Messages 


Monitors 

64 

IP  addresses 


Embedded 

Web 

Server 


Sends 

E-Mail 


Power 

Outage 

Alarming 


Internal 

UPS 


Power 

Control 

Interface 


Ethernet 

Port 


Internal  Voice, 
Modem 
&  Pager  Port 


8  R|-45  Sensor  Inputs 

( Temperature ,  Humidity, 
Water,  Motion,  Power, 
Smoke/fire) 


Microphone 

for  Sound 
Monitoring 


BE  NOTIFIED  BEFORE  CRITICAL  EVENTS  TURN  INTO  DISASTER! 


•  Eight  environment  inputs 

•  Power  sensing 

•  Monitors  64  IP  addresses 

•  Send  alerts  to  64  people 

•  8  methods  of  contact 

•  Calendar  scheduling 

•  Expands  to  256  sensors 

•  Remote  power  control 

•  Optional  camera 


The  Sensaphone  IMS-4000  Infrastructure 
Monitoring  System  monitors  critical  environ¬ 
mental  and  network  elements  in  your  server 
room,  data  center,  or  telecomm  installation  and 
reports  to  you  instantly  when  events  threaten 
your  infrastructure.  The  IMS-4000  keeps  watch 
so  you  don't  have  to.  See  these  features  and 
more  on  the  web  at  www.ims-4000.com 


Phonetics,  Inc. 

Tel:  877-373-2700 

901  Tryens  Road 

www.ims-4000.com 

Aston,  PA  19014 
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NetworkWorid 

THE  HUB  OF  THE  NETWORK  BUY 


CISCO  NORTEL 

NEW  •  REFURB  /  BUY  •  SELL 


Truckload 

Sale 


NlDRTEL 


Bay  Networks^ 
Fax  Equipment  List  To  801  -377-0078 


888-8LANWAN  gSS 

Call  (or  Free  Quote!  (888-852-6926)  www.nle.com 


irOvii 

See  the  entire  Generation 
3.0  collection  at: 

BRETTS 

Luggage.  Leather  gotxls.  Gifts 
Pens.  Clocks.  Lighters.  Games 

www.suitcase.com 


Advertise  in  the 
Marketplace  and 
watch  your  sales 
come  pouring  in! 


Call  Direct  Response 
Advertising 
1-800-622-1108 


Advertise  in  the  Marketplace 
and  watch  your  sales  come 
pouring  in!  .S'  JJ  if 

Call  Direct  Response  Advertising 

1-800-622-1108 


Systems/Feotures/Memory 

Cl 


Also  Available:  Wellfleet,  Bay,  Fore, 
xylogics,  Livingston,  &  Ascend 

in  Stock  •  Fast  Delivery  •  No  Expedite  Charges 

COMSTAR,  INC. 

The  Hi  Network  Remarketer 

952*835*5502 

Fax  952>8S5<1927  E-Mail:sales@comstarinc.com 


ffl 


Advertise  in  the 
Marketplace  and  watch 
your  sales  come 
pouring  in! 


Call  Direct  Response 
Advertising 
1-800-622-1108 
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Contact  these  companies  today  to  help  you  with  your  training  needs! 


MeasureUp 

I  1  Transcender 

(678)  356-5000  ^ 

j  I  (615)  726-8779  | 

www.measureup.com 

S;  1  www.transcender.com  j 

Certification  Practice  Tests 

\  1  Award  winning  practice  exams  | 

|  1  for  IT  certification  | 

Leamkey,  Inc. 

I CBT  Nussets 

(800)  865-0165 

|  1  (888)  507-6283  &  (541)  284-5522  | 

www.leamkey.com 

|  lwww.cbtnuggets.com  j 

Self-paced  online  CD  network 

|  1  Inexpensive  training  videos  on  CD.  j 

certification  developer  bus/apps 

j  1  MCSE,  MCDBA,  MCSD,  Cisco  CCNA,  Linux,  A+,  Net+  \ 

IPexpert,  Inc. 

(866)  225-8064 
www.ipexpert.net 

CCIE  (R&S,  SEC,  and  C&S),  CCSP, 

|  CCNP,  CCNA,  and  IP  TELEPHONY 

io  PJ-.Ki  Your  UiiJjj  j  U  Hi 
©JJ  inliii  ;ii 


(J00)  j'i'M  J'J-J 


^  MetWOikWorld  NetSmart  Learning  Partner 


e^s-co  b/\Lt 


Tel:  408.727.1122  ^eCJ^R^jt 
Fax:  408.727.8002  technologies,  inc. 

34-3  1  DE  LA  CRUZ  BLVD.  SANTA  CLARA,  CA  95054 
WWW.RECURRENT.CDM  I  N FO@R EC U R  R ENT. C D M 


ph:  +  140 : 

OptimumDatalnc.  ^Qx  +  ^  ^ 

www.optimumdata.com 


toll  free  800  879  8795 
ph:  +  1  402  575  3000 
fox:  +1  402  575  2011 
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1  Used' Ci  sc 


1 20  Day  1 

Cisco  •  Paradyne  •  ADTRAN 


I  iq 


CISCO 


A+ 


Certified-As-New 


One-Year  Warranty 


►  Largest  warehouse  of  used  Cisco 

►  Highest  quality  and  lowest  prices 

►  Over  5000  satisfied  customers 


Call  or  email  for  a  fast  quote. 

800.439.8558 

digitalwarehouoe.  com 


+  The  No.1  Source  for  Used  Cisco  Direct 


NEW 


wucrarr 


9722 


USED 


50%-90%  Discounts 

Cisco  Livingston  Ascend  Lucent 
3Com  US  Robotics  Kentrox 
Adtran  BayNetworks  Xyple* 
Racketeer  Computone  Pattori 
Extreme  Networks 

Mo dome  /  DSU  /  Muxs* 

IBM  UDS  Codex  Hayes  GDC 
Micom  Microcom  Paradyne 
ATT  MultiTech  Penril 
Racal  Telebit  Zoom 

BUY  AND  SEU 

800-699-9722 


www.wrca.net 
AS5x  VOIP  /  EKS  Y 


careers 


it  careers.com 


Advertising  Supplement 


IT  Careers  in  Consulting 


Graduating  college  seniors  rank  consulting 
as  the  number  two  career  of  choice,  behind 
entertainment/media,  according  to  the  Universum 
Communications  annual  survey.  That's  good  news  for 
consulting  firms,  large  and  small,  which  are  hiring  new 
graduates  and  seasoned  IT  professionals. 

Despite  major  downsizing  that  applied  to  every  job 
category  from  2000  to  2002,  there  are  several  strong 
consulting  opportunities  in  2003.  Utilities,  transportation, 
manufacturing  and  defense/security  are  all  categories 
where  consulting  expertise  will  be  sought  out  in  the 
coming  months.  Rapid  change  is  needed  to  meet  new 
challenges,  as  well  as  longer  term  investments  in 
information  technology. 

While  consulting  was  hard-hit  by  the  economy  and  by 
corporate  leadership  issues,  firms  were  restructuring  and 
refocusing  priorities.  Accenture  became  an  independent 
group  of  consultants  as  of  January  2001,  while 
PricewaterhouseCoopers  sold  its  business  consulting  unit 
to  IBM.  Deloitte  Consulting  remains  part  of  Deloitte Touche 
but  operates  independently.  JDEdwards  is  merging 
with  PeopleSoft. 

The  larger  consulting  firms  are  hiring  in  a  range  of 
areas,  from  the  information  technology  that  enables  them 
to  serve  clients  to  the  actual  customer-facing  consultants. 
For  instance,  at  Accenture,  the  Technology  Solutions  group 
is  home  to  application,  software  and  architecture 


development  expertise,  while  business  consultants 
provide  the  link  to  clients  between  in-depth  business 
knowledge  and  how  technology  can  be  applied  to  meet 
that  specific  business  sector's  challenges. 

According  to  Laurie  Ryan,  spokeswoman  for  Accenture 
which  currently  employs  75,000  worldwide,  the  company 
hires  both  from  college  campuses  and  from  among  more 
seasoned  professionals.  Accenture  lists  job  openings  in 
areas  ranging  from  development  and  architecture  to  Tier  3 
support  and  services  delivery. 

While  specific  2003  hiring  numbers  for  the  major 
consulting  groups  aren't  being  provided,  the  larger  firms 
are  hiring  a  strong  mix  of  experienced  IT  professionals  and 
new  IT  graduates.  Small  firms  are  also  hiring,  sometimes 
combining  consulting  with  offshore  and  domestic  outsourcing. 


Cognizant  Technology  Solutions,  based  in  New  York,  is 
among  those  serving  as  a  conduit  to  offshore  resources  for 
the  more  routine  development  and  support  functions.  Larry 
Gordon,  Cognizant's  vice  president  for  marketing,  says  the 
firm  hires  about  30%  of  its  IT  professionals  in  the  United 
States.  Among  them  is  a  cadre  of  business  consultants  who 
have  experience  with  profit/loss  operations  and  who  have 
in-depth  business  acumen  in  one  of  the  company's  vertical 
markets.  He  lists  these,  specifically,  as  banking, 
retail/consumer  products,  insurance  and  healthcare 
insurance.  In  addition  to  client  partners  and  practice 
leaders,  the  company  is  looking  for  experts  in  transaction 
and  payment  solutions. 

Geographically,  the  opportunities  continue  to  center  on 
Boston,  New  York,  Virginia  and  North  Carolina  in  the  East, 
Chicago  and  Dallas  in  the  central  part  of  the  country  and 
Seattle,  Los  Angeles  and  San  Diego  in  the  West. 


For  more  information  about  IT  Careers  advertising, 
please  contact: 

Nancy  Percival 

Vice  President,  Recruitment  Advertising 

800.762.2977 

500  Old  Connecticut  Path 

Framingham,  MA  01 701 

Produced  by  Carole  R.  Hedden 


Programmer  Analyst  needed  for 
IT  consulting  firm  located  in 
Burlington,  VT.  Job  duties 
include:  Analyze,  develop,  test 
&  document  client  server  based 
computer  applications  for  clients 
located  throughout  the  U.S. 
Evaluate  user  requests  for  new 
or  modified  programs.  Use 
Oracle,  SQL  Server,  Business 
Objects,  &  DB2  to  perform  tasks. 
Work  as  part  of  a  team  under 
direct  supervision.  Applicant 
must  have  B.S.  degree  in 
Computer  Science.  Business, 
Math  or  Engineering.  Applicant 
must  also  have  2  yrs.  exp  in  the 
job  duties  described  above  or  in 
any  computer  related  occupa¬ 
tion.  Must  be  willing  to  tem¬ 
porarily  re-locate  to  client  sites 
at  employer's  expense. 
40hrs/wk,  9:00  am-5:00  pm,  M- 
F,  $48,131/yr.  Send  resume  & 
cover  letter  to  Job  No.  607988, 
Vermont  Dept  of  Employment  & 
Training,  PO.  Box  488, 
Montpelier,  VT  05601-0488. 


Seeking  qualified  applicants  for 
the  following  positions  in 
Memphis/Collierville,  TN: 
Senior  Business  Application 
Analyst.  Serve  as  liaison 
between  technical  developers 
and  users'customers  Require¬ 
ments:  Bachelor's  degree  or 
equivalent"  in  computer  science, 
mathematics,  statistics,  busi¬ 
ness.  international  management 
or  related  field  plus  5  years  of 
experience  in  analyzing  busi¬ 
ness  systems  and  developing 
technical  automated  solutions 
Expenence  with  distributed  com¬ 
puting  desktop  operating  sys¬ 
tems  and  tools  also  required 
'Masters  degree  in  appropriate 
fink)  will  offset  2  years  of  gener¬ 
al  experience  Submit  resumes 
to  Sibl  George,  FedEx 
Corporate  Services,  1900 
Summit  Tower  Blvd  .  Suite  1400, 
Orlando,  Ft.  32810  EOE 


R  Systems,  Inc.  is  a  global  infor¬ 
mation  technology  services 
company  and  it  has  multiple  Job 
openings  for  the  following  posi¬ 
tions  at  its  corporate  office  in 
Sacramento  as  well  as  Project 
sites  throughout  the 
United  States: 

•  Applications  Programmer 

•  Database  Analyst 

•  Software  Engineers 

•  Systems  Analyst 

•  Network  Analyst 

•  IT  Project  Managers 

•  Business  Analyst 

•  Sales  Engineer 

•  Programmer  Analyst 

•  Sales  Manager 

•  Database  Administrators 

•  Market  Research  Analyst 

Minimum  requirement:  Bach¬ 
elor's  degree  or  equivalent  and 
one  year  experience  in  the  job 
offered.  All  positions  may  involve 
relocation  to  project  sites. 

Submit  detailed  resume  and 
position  applied  for  to: 

Attn:  Sanjay  Saxena 
5000  Windplay  Drive  Suite  5 
El  Dorado  Hills.  CA  95762 


COMPUTER 

PricewaterhouseCoopers 
GRMS  practice  group  has 
opportunities  available  for  expe¬ 
rienced  professionals  in  the 
design  and  implementation  of 
Security  Controls.  Positions 
require  a  bachelor's  degree 
(master's  preferred)  in  CS,  CE 
or  related  field  and  1  to  5  yrs  of 
related  exp.  Job  site/loca¬ 
tion:  NY,  NY.  Interested  candi¬ 
dates  please  reference  job  code 
4ZFMAJ  &  fax  resume  to 
J  Street  at  312-298-8246  No 
phone  calls  please.  Employer 
will  only  consider  applicants 
authorized  to  work  for  any 
employer  in  the  U.S. 


NC  Eye  Care  center  seeks 
DBA/Programmer  I  to  assist 
w/design,  development,  opera¬ 
tion,  maintenance  of  database 
systems  utilized  by  org.;  provide 
technical  direction,  recommen¬ 
dation  &  advice  to  users  con¬ 
cerning  database  administration 
under  mangr's  direct  supervi¬ 
sion;  assist  w/network  adminis¬ 
tration,  security,  enforcement  of 
company  wide  policies,  proce¬ 
dures  for  data  entry,  systems 
integration/automation  of  reports 
evaluation  of  new  features  of 
systems  for  development  feasi¬ 
bility.  Min.  req:  Bachelor's  in 
Electronics  Engineering/Comp. 
Science  &  3  mos  in  job/job  relat¬ 
ed  exp.  including  C/C++,  Visual 
C++,  Visual  Basic,  Sun  Solaris 
Script,  DOS  Batch  files,  Oracle 
Forms/Reports,  PowerBuilder, 
SQL’Plus,  PL/SQL,  Access 
VBA,  Excel  Macro,  Oracle  DB, 
Progress  DB,  MSSQL,  Windows 
(95/98/NT/2000/XP),  SunOS, 
Solaris,  SCO  UNIX,  ClearCase, 
TCP/IP,  Database  Adminis¬ 
tration  (DBA),  UNIX  Adminis¬ 
tration,  Software  Configuration 
Management,  Project  Lead. 
Resumes  to  Jose  Natal,  2325 
Sunset  Ave.,  Rocky  Mount,  NC 
27804.  No  calls.  EOE 


Junior  Programmer:  Assist  in 
design/development  conversion 
software  programs.  Analyze  & 
interpret  specifications  &  info 
from  airlines,  create  data  conver¬ 
sion  programs,  fix  software  bugs, 
&  make  program  modifications 
utilizing  Power  Builder  and 
Oracle.  Export  &  import  Oracle 
databases  through  remote 
access  and  PC  Anywhere  access 
programs.  Apply  updated  pro¬ 
gram  releases  of  company's  soft¬ 
ware  to  customer  databases 
Bachelor  in  computer  science  or 
related  1  yr.  exp  Competitive 
salary  8AM-5PM  Resume  to: 
Henry  Parra,  VP,  TRAX  USA 
Corp.  2665  S  Bayshore  Dr 
#501,  Coconut  Grove.  FL  33133 
(305)  357-4488 


COMPUTER  PROFESSIONALS 

Opportunities  for: 

•  PROCESS  CAPABILITY 
ANALYST 

•  QC  ANALYST 

•  WEB  ARCHITECTS/ 
DEVELOPERS 

•  SYSTEMS  ANALYSTS 

•  WEB  GRAPHIC  DESIGNERS 

•  NETWORK  ENGINEERS 

•  PROGRAMMER/ANALYSTS 

•  SOFTWARE  ENGINEERS 

SKILLS' 

•  COLD  FUSION  •  SPECTRA 

•  ORACLE  •  VISUAL  BASIC 

•  VISUAL  C++  •  SIEBEL  •  ASP 

•  COM.  DCOM  •  JSP  •  HTML 

•  JAVA,  JAVA  BEAN  •  EJB  JAVA 
SERVLETS  •  WEBSPHERE 

•  IBM  MQ  SERIES- XML, UML 

•  MTS  •  CLARIFY  •  PERL 

•  OBJECTPERL • SPYPERL 

•  SMALLTALK  •  PL/SQL 

•  VISUAL  AGE  •  COBOL.  SPL, 
UNIX 

Visit  our  website  @ 
www.computerhorizons.com 

Attractive  salaries  and  benefits. 
Please  forward  your  resume  to: 
H.R.  Mgr.,  Computer  Horizons 
Corp.,  49  Old  Bloomfield 
Avenue,  Mountain  Lakes,  New 
Jersey  07046-1495.  Call 
973-299-4000.  E-mail:  jobs@ 
computerhorizons.com.  An 
Equal  Opportunity  Employer  M/F. 


Application  Developers  needed 
at  unanticipated  client  sites  to 
perform  db  performance  analy¬ 
sis,  schema  re-dsgn  &  normal¬ 
ization,  tuning  issues  by  lever¬ 
aging  complex  JDBC  calls  to 
stored  procedures,  &  dvlp 
scripts  in  LoadRunner, 
WinRunner  &  XRunner.  Dsgn  & 
implmt  web  dispatcher  based 
on  Struts  Web  Application 
Framework  &  dsgn  s/ware  & 
h/ware  re-architecture  Send 
resume  to:  Global  Consultants. 
Attn:  Hireme,  25  Airport  Rd. 
Morristown,  NJ  07960. 


Sr.  Systems  Analyst  -  Lawren- 
ceville,  NJ.  Lead  turnkey  project 
to  dsgn,  dvlp  &  maintain  XML/ 
Internet  based  systms  for  envi¬ 
ronmental  regulatory  agencies. 
Applying  environmental  busi¬ 
ness  logic  to  lead  s/ware  life 
cycle  dvlpmt  incl  user  reqmt 
analysis,  systms  analysis,  dsgn, 
coding,  testing  &  implmtg 
applies  under  Microsoft  .NET, 
using  XML,  XML  Schema,  Web 
Services,  &  end-to-end  messag¬ 
ing  level  security  technology. 
Research  innovative  s/ware 
applies,  &  conduct  feasibility 
study.  Must  possess:  MS  in 
CompSci,  Environmental  Engg 
or  Chemical  Engg  with  min  2  yr 
of  exp  in  s/ware  dvlpmt.  Strong 
skills  in  XML,  XML  Schema,  C#, 
Microsoft. Net,  ASP.NET,  Web 
Services  Technology,  &  Biz  Talk 
Server.  Send  resume  w/salary 
reqmt  to  HR  Mgr,  Enfotech.  11 
Princess  Rd,  Unit  A, 
Lawrenceville,  NJ  08648.  Refer 
to  job#SYS018. 


Database  Systems 
Analyst/Project  Programmer 
Uses  various  database  systems 
management  tools  to  program 
Oracle  procedures  and  triggers 
with  PL/SQL  to  insure  that  gene 
ontology  data  is  capable  of 
being  integrated  and  uploaded 
into  RGD  and  related 
Bioinformatics  database  man¬ 
agement  systems.  Uses  princi¬ 
ples  of  database  management 
to  create  PERL  Scripts  for  auto¬ 
matic  database  files  as  well  as 
developing  enhanced  search 
reports  and  tools  for  implemen¬ 
tation  and  related  web  sites 
Requires  Master's  Degree  in 
Computer  Science  or 
Computing.  Send  resume,  no 
calls,  to 

Medical  College  of  Wisconsin 
Attn:  Employment  Office  - 
JMC0825 

8701  Watertown  Plank  Rd, 
Milwaukee,  Wl  53226 
Fax:  414-456-6502 


Software  Engineer  (Atlanta,  GA) 
Provide  product  leadership  for 
complex  software  development 
projects.  Manage  definition  of 
product  requirements  and  cre¬ 
ation  of  design  documentation 
leading  to  coding  and  testing  of 
software  application  for  retail 
industry.  Review  development 
artifacts  from  project  members 
for  quality  characteristics  and 
adherence  to  development 
standards  and  corporate  meth¬ 
odology.  Manage  creation  of 
new  feature  documentation  suit¬ 
able  for  use  by  customers  and 
internal  sales,  marketing,  train¬ 
ing  and  support  depts.  Review 
existing  pregrams  or  formulate 
logic  for  new  systems  using 
structured  programming  or 
object  oriented  analysis  and 
design  techniques.  Require¬ 
ments:  Master's  or  equivalent 
degree  in  Computer  Science, 
Math  or  related  field,  plus  2  yrs. 
Software  development  experi¬ 
ence.  Competitive  salary 
offered  Apply  on-line  at 
www.retek.com/apply.  Be  sure 
to  include  ComputerWorld  as 
the  source  code. 


Z3  Technologies,  Inc.  a  fast 
Growing  software  firm  is  look¬ 
ing  for  a  Computer  consultant: 
Should  have  bachelor's  degree 
in  computer  science/related 
field  with  2  years  experience  in 
Requirement  Analysis,  Design 
and  development.  Resolving 
the  technical  issues.  Progra¬ 
mming  in  Cognos:  Impromptu, 
PowerPlay,  IWR,  MSSQL. 
PLSQL,  DB2,  Win2k,  WinNT. 
and  skilled  in  Oracle; 

We  accept  foreign  education 
equivalent  of  the  degree,  or  the 
degree  equivalent  in  education 
and  experience  Send  resume 
and  covering  letter  to:  Z3 
Technologies,  Inc.  1803 
Shepherd  Ct  335  Waukesha, 
WI-53186; 

resumes@z3tech  com 
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THE  WORLD’S  BEST 
IT  TOOL  IS  IN 
YOUR  HANDS. 

THE  WORLD’S  BEST 
IT  TALENT  IS  AT 
OUR  SITE. 

o 

WHAT  ELSE  WOULD  YOU  EXPECT 
FROM  THE  ONE  AND  ONLY  CAREER 
RESOURCE  FOR  READERS  OF 
COMPUTERWORLD, 
INFOWORLD  AND 
NETWORKWORLD? 

COME  ON, 

RECRUIT  OUR  READERS 
AND  YOU'LL  RECRUIT  LESS  OFTEN 

CHECK  US  OUT  AT: 

WWW.ITCAREERS.COM 


Z3  Technologies,  Inc.  a  fast 
Growing  software  firm  is  looking 
for  a  Computer  consultant: 
Should  have  bachelor's  degree 
in  computer  science/related  field 
with  2  years  experience  in 
Requirement  Analysis,  Design 
and  development.  Resolving  the 
technical  issues.  Programming 
in  Oracle  Applications:  GL,  AP, 
AR,  FA,  PO,  INV,  OM,  CM,  BOM 
modules  versions  11/1. 1i„  Unix, 
Sun  Solaris  and  skilled  in  Oracle 
Reports,  Forms,  Discoverer.  We 
accept  foreign  education  equiva¬ 
lent  of  the  degree,  or  the  degree 
equivalent  in  education  and 
experience.  Send  resume  and 
covering  letter  to:  Z3 
Technologies,  Inc.  1803 
Shepherd  Ct  335  Waukesha, 
WI-53186; 

resumes@z3tech.com 


Software  Engineers  and 
Programmer  Analysts  for 
Software  company  in 
Camp  Hill,  PA.  All  posi¬ 
tions  require  Bachelor's 
degree  in  Comp  Science/ 
Computer  Engineering  or 
related  field  and  1-3  years 
related  experience.  Send 
resume  to  Rashi 
Information  Services,  Inc, 
214  Senate  Avenue, 
Camp  Hill,  PA  17011. 
Attn:  Ravi  Jaganmohan. 


Trading  Systs  Dvlpr  wanted 
by  Investmnt  &  Trade  Support 
Services  Co  in  Manh.  Build 
derivative  models  for  trading: 
write  financial  systs  reports 
for  products  including  fixed 
income,  equity,  futures, 
options,  derivatives  &/or  for¬ 
eign  exchange:  dvlp  trading 
appls;  design  &  dvlp  risk 
mngmnt  reports.  Bach  in 
Comp  Sci  &  2yrs  exp  in  job 
offered  req.  Respond  to: 
CT/HR  Dpt,  PO  Bx  4241, 
GCS,  NY  10163. 


System/Programmer  Analysts 
wanted  by  Magnum  Software 
Services  (small  but  stable). 
Candidates  will  use  Java,  SQL, 
Oracle  for  business  analysis  and 
application  design,  must  have 
BS  in  computer  science/engi¬ 
neering.  Please  contact 
kiran@mgnmsoft.com  for 
details.  EOE. 

Saisha  Tech  &  Circuits 
International,  a  certified  minori¬ 
ty-owned  business  enterprise,  is 
looking  for  Sales  Engineer  with 
direct  account  responsibility, 
selling  custom  manufactured 
electronic  components  Must 
have  BS  with  exp.  in  tariff  calcu¬ 
lations.  Please  apply  at 
team@stacilc.com 


Programmer  Analyst.  Dev  cus¬ 
tom  software  for  Co.  using  SAP 
&  Eagle  Pace.  Support  & 
enhance  existing  apps  &  data¬ 
bases.  Design  &  implement  new 
database  schemas,  new  soft¬ 
ware  apps.  incl.  Web-based 
apps.  using  IT  tools  incl. 
ABAB/4  BAPIs,  RFC,  BDC, 
Plumtree,  Visual  Interdev, 
Embarcadero  ER  Studio, 
SysAdmiral, VBScript.  MTS.  MS 
SQL  Server  &  COM/DCOM  in 
MS  environment.  Req:  Bach¬ 
elors  in  Comp  Science  or 
Comp.  Eng.  40-hr.wk.  Job/ 
Interview  Site:  Boston,  MA. 
Send  resume  to 

recruit@Smallboard.com. 
PMB#121,  18  Washington 

Street,  Canton.  MA  02021 


Silverman  Law  Firm  seeks  appli¬ 
cants  for  the  position  of  System 
Administrator  in  Englewood,  CO 
to  engage  in  moderately  com¬ 
plex  tasks  involving  software 
configuration  management  and 
network  systems  administration 
for  law  firm.  Requires  experi¬ 
ence  in  design  of  software  con¬ 
figuration  management  and 
implementation  procedures; 
design,  implementation  and  sup¬ 
port  of  computer  network  and 
communications  technologies 
and  maintenance  and  support  of 
computer  hardware  assets. 
Requirements  also  include  a 
working  knowledge  of  configura¬ 
tion,  management  and  imple¬ 
mentation  procedures  for  FMI- 
Tucans,  CLS  and  JST  commer¬ 
cial  legal  collection  software 
packages.  Respond  by  resume 
to  David  Silverman,  Silverman 
Law  Firm,  13111  E.  Briarwood 
Ave.,  #340,  Englewood,  CO 
80112. 


Software  Engineer:  Sioux  Falls, 
SD.  Research,  design  &  Dev. 
Comp,  soft  syst,  in  conjunction 
with  hardware  product  dev. 
Consult  with  hardware  eng  & 
other  eng  staff  to  evaluate  inter¬ 
face  between  hardware  &  soft¬ 
ware.  &  operational  &  perfor¬ 
mance  req's  of  overall  system. 
Provide  technical  guidance  on 
client  projects.  Will  use  Win 
NT/95,  Unix,  AS/400,  dev  2000, 
ABAP/4,  Oracle,  RDBMS, 
DB/400,  OS/400,  SAP,  Visual 
Basic,  MAPICS  (MRP) 
Workstream,  Auto  CAD,  MS 
Access,  DOS.  Req'd  Bach  in 
eng/math/CS  or  MIS  &  5yrs  exp 
or  masters  +  2  yrs  exp  on  the  job 
or  as  a  Programmer  Analyst  or 
IT  Consultant.  $70,000/yr;  9AM- 
5PM,  MON-FRI,  40hrs  wk;  send 
2  resumes  to:  South  Dakota 
One-Stop  Career  Center,  811  E 
10th  Street,  Sioux  Falls,  SD 
57103-16500  Tel:  (605)  367- 
5300;  Fax:  (605)  367-5308. 


PROGRAMMER/ANALYST  to 
design,  analyze,  code,  debug, 
implement  and  maintain  e-com¬ 
merce  applications  software  and 
relational  database  for  automo¬ 
tive  industry  using  object  orient¬ 
ed  techniques,  C/C++.  dBase, 
Lotus  1-2-3  and  HTML;  design, 
develop  and  support  internet- 
based  e-commerce  applications 
using  Java,  Visual  Basic  and 
Oracle.  Require:  B.S.  in 
Computer  Science/Mathe¬ 
matics.  Competitive  salary  and 
benefits,  40-hour  week,  M-F, 
8:30  am  to  5  pm.  Apply  with 
resume  to:  President.  SKCO 
Investments  Corporation,  7354 
Airport  Blvd.,  Mobile.  AL  36608. 


Technical  Consultants  needed 
at  unanticipated  client  sites  to 
be  involved  in  business  pro¬ 
cessing  transactions  based 
on  XML  docs;  analyze,  dsgn, 
dvlp,  implmt  modules,  XML 
schemas  &  messages,  dvlp 
JSP  &  XML  parser  to  dvlp 
web  enabled  front  end  for 
insurance  s/ware  prdcts;  &  be 
involved  in  QA  &  customer 
support.  Send  resume  to: 
Atiam  Tech.,  Attn:  B.  Oakes. 
350  Baldwin  Towers, 
Eddystone,  PA  19022. 


Prog/Analysts  to  analyze, 
design  appls  using  C++,  Java. 
HTML,  VB,  JavaScript, 
Weblogic,  SQL,  Oracle,  MS 
Access  under  Windows,  UNIX 
OS;  perform  and  document 
data  modeling;  study,  evaluate 
new  technologies/methodolo¬ 
gies;  gather,  document  reqs 
from  user  community;  test/trou¬ 
bleshoot  project  appl  code 
Require:  BS  or  foreign  equiv.  in 
CS/Engg.  (any  branch)  with  2 
yrs  expin  IT.  High  Salary.  Travel 
involved.  F/T.  Apply  to:  HR, 
Unilinx,  Inc,  4625  Alexander  Dr., 
Ste  110,  Alpharetta,  GA  30022. 


SOFTWARE  ENGINEERS  (12 
positions):  require  Bachelor’s  or 
equivalent  in  Engineering/ 
Computer  Science/Mathema¬ 
tics/Science  or  closely  related 
field  with  two  years  experience 
providing  skills  in  described 
duties,  at  $79,000  per  year. 
Provide  on-site  consulting  in 
design,  analysis  and  develop¬ 
ment  of  software  applications  for 
legacy  systems  in  IBM  main¬ 
frame  environment;  develop¬ 
ment  and  administration  in 
Oracle.  DB2,  SQL  Server  and 
Sybase;  e-commerce  and  web 
applications  development  in 
Microsoft,  Java  and  related  tech¬ 
nologies;  network  management 
systems  development  with 
Netscape  Server  and  related 
tools;  SAP  R/3  applications  on 
Windows  with  DOS  and  ABAP/4 
and  related  modules.  40%  travel 
to  client  sites  in  the  United 
States.  Mail  resumes  to:  Y&L 
Consulting,  Inc.,  605  17th 
Avenue,  East  Moline,  IL  61244. 


Programmer: 

Provider  Billing  Services,  Inc. 
seeks  a  programmer  to  work  in 
Denver,  CO  to,  under  close 
supervision,  engage  in  moder¬ 
ately  complex  tasks  involving 
the  development  of  medical 
billing  computer  software  appli¬ 
cations  that  run  on  JBOSS  appli¬ 
cation  server  with  MySQL  rela¬ 
tional  database.  Convert  project 
specifications  and  statements  of 
problems  and  procedures  to 
detailed  Unified  Modeling 
Language  (UML)  for  coding. 
Code,  test  and  debug  the  appli¬ 
cations.  Utilize  Java  Swing, 
J2EE,  ANSI  standard  X12 
Electronic  Data  Interchange, 
EJB/CMP  (container  managed 
persistence),  Aspect  Oriented 
Programming  (AOP),  NetBeans 
IDE  and  CVS  version  control  in 
development  process.  Requires 
a  Bachelor's  or  foreign  equiva¬ 
lent  in  computer  science;  work¬ 
ing  knowledge  of  technologies 
listed  in  the  job  description. 
Respond  by  resume  to  James 
Peterson.  Provider  Billing 
Services,  500  E.  84th  Ave.  Ste. 
C-6,  Denver,  CO  80229. 


Z3  Technologies,  Inc.  a  fast 
Growing  software  firm  is  looking 
for  a  Computer  consultant: 
Should  have  bachelor’s  degree 
in  computer  science/related 
field  with  2  years  experience  in 
Requirement  Analysis,  Design 
and  development.  Resolving 
the  technical  issues.  Progra¬ 
mming  in  Sun  Solaris,  AIX,  HP- 
UX,  HACMP/ES,  IBM  RS/6000, 
IBM  SP2,  Lotus  Domino, 
Win2k,  WinNT,  and  experi¬ 
enced  on  various  IBM  plat¬ 
forms.  We  accept  foreign  edu¬ 
cation  equivalent  of  the  degree, 
or  the  degree  equivalent  in  edu¬ 
cation  and  experience.  Send 
resume  and  covering  letter  to: 
Z3  Technologies.  Inc  1803 
Shepherd  Ct  335  Waukesha. 
WI-53186; 

resumes@z3tech.com 


Prog/Analysts  to  analyze, 
design,  develop  and  maintain 
custom  business  appls  in  client 
server  environment  using  C, 
Java,  EJB,  JSP/Servlets,  XML, 
VisualAge,  Weblogic,  COBOL, 
CICS,  Oracle,  etc:  design/devel¬ 
op  enterprise  applsincluding 
B2Band  B2Cfor  multi  OSs; 
design, develop  Java  applets  & 
run  batch  process  to  generate 
reports;  perform  code  develop¬ 
ment,  quality  control  testing  and 
performance  tuning  in  a  project 
lifecycle.  Require  Bachelor's 
Degree  or  foreign  equiv  in  CS / 
Engineering  (any  branch)  or 
related  field  with  2  yrs  exp  in  the 
software  industry.  High  salary, 
f/T.  some  travel  involved 
Resumes:  HR,  Opal  Soft,  Inc 
3150  Almaden  Expwy  Ste  205, 
San  Jose,  CA  95118 


Full-time  OpenHR  Protect 
Manager.  Manage  the  design, 
development,  implementation 
and  support  of  OpenHR  SAP 
module  projects  throughout  the 
U.S..  utilizing  in  depth  knowl¬ 
edge  of  external  interfaces  in 
the  area  of  SAP  HR  reporting, 
org  charting,  org  mngmnt. 
Comp,  mngmnt  and  Benefits, 
Recruitment,  Expenses.,  Time 
mngmnt,  ESS  and  MSS;  man¬ 
age  tech,  config.  of  projects  and 
provide  tech,  oversight  to  team 
of  specialized  consultants 
responsible  for  integrating 
OpenHR  solutions  utilizing 
expertise  in  ASP,  JSP.  scripting, 
XML,  DCOM,  JCO,  ABAP,  SAP 
Data  Dictionary,  BAPI  s,  RFC  s, 
SAP  portal,  work  flow  and  user 
authentication  methods;  serve 
as  chief  liaison  with  clients  and 
develop  new  project  opportuni¬ 
ties.  Must  have  a  B.S.  or  higher 
degree  or  foreign  equiv.  in  IT  or 
a  related  field  and  at  least  4 
years  of  experience  as  SAP  HR 
Programmer,  including  at  least 
2.5  years  experience  in  imple¬ 
mentation  and  configuration  of 
OpenHR  framework  or  similar 
technology.  Must  be  willing  to 
travel  to  client  sites  M-F,  and 
have  proof  of  legal  authority  to 
work  in  the  United  States.  Apply 
to:  Todd  Middlemis,  Managing 
Director,  OpenHR  America  LLC, 
772  Edgewood  Ave.  NE, 
Atlanta,  GA  30307 


SOFTWARE  DVLPR/CONSUL- 
TANT:  Dsgn  &  dvlp  client/server 
&  web-based  comp,  applns 
using  C#.  Visual  Basic, 
COM+/DCOM,  MTS,  HTML/ 
DHTML.  Oracle,  XML/XSL,  & 
JavaScript  on  Windows  plat¬ 
form.  Convert  project  specs  & 
statements  of  problems  &  proce¬ 
dures  to  detailed  logical  flow 
charts  for  coding  into  comp,  lan¬ 
guage.  Dsgn  &  dvlp  Digital 
Dashboards  using  sharepoint 
portal  server.  Dvlp  &  write 
comp,  progs,  to  store,  locate.  & 
retrieve  specific  docs,  data  & 
info.  Work  w/Enterprise  appln 
integration  tools.  Create  content 
mgmt  tools  &  mgmt  systems. 
Program  web  sites.  BS  in  Elec. 
Engrng  or  Comp  Sci.  reqd  +  3 
yrs  in  position  offered  or  as  a 
Prog.  Analyst,  Sys.  Analyst  or 
Sftwr  Engnr.  Must  have:  (1) 
Microsoft  certification  in 
Frontpage  98  &  Visual  Inter. 
Dev.  6.0;  &  (2)  exp.  w/SQL 
Profiler,  Dvlpr  2000,  Web  ser¬ 
vices,  TOAD.  Sharepoint  portal, 
biztalk  server  &  Dreamweaver 
Mx.  High  mobility  preferred.  40 
hrs/wk,  OT  as  reqd.  8  am  -  5  pm, 
$64.240/yr.  Qualified  applicants 
please  submit  resume  to  Site 
Manager.  Beaver  County  Career 
Link,  2103  Ninth  Avenue, 
Beaver  Falls,  PA  15010-3957 
Please  refer  to  Job  Order  No 
WEB  351036. 


Systems  Analyst  to  design  and 
develop  computer  software  prod¬ 
ucts  (Total  Report  Management 
Solutions)  using  C,  Visual  C++, 
Java,  Servlets,  HTML,  XML  and 
Javascript  on  Windows  based, 
Solaris,  Linux  &  OS  390  plat¬ 
forms.  Analyze  software  &  user 
requirements:  alternative  solu¬ 
tions;  design/  implement  soft¬ 
ware  systems;  enhance  TRMS 
products;  coding  standards, 
design  documents,  test  proce 
dures  &  QA  test  guidelines 
develop  integrated  HELP  and 
product  documentation.  Test 
TRMS  products  using  Jprofiler, 
Jprobe,  Bounds  Checker.  Purify 
on  Tomcat,  Apache,  Iplanet  and 
IBM  Websphere  web  servers  on 
Windows  and  UNIX  platforms 
Implement  TRMS  products  ;r 
ASP,  COM,  NET  C  and  C++  or, 
Windows.  Design  AP'  based 
TRMS  for  Java.  ASP  and  COM 
objects.  BS  in  Science  or 
Engineenng  ♦  5  yrs  exp.  In  Job 
Duties  Apply  Confident  Software 
Inc.,  4195  Fellowship  Road, 
Tucker,  GA  30084-4613  with 
proof  of  work  authorization 
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SAP  Analyst  -  Analyze  user 
requirements,  procedures  and 
problems  to  customize  SAP's 
client/server  systems  for  cus¬ 
tomers  Analyze  current  opera¬ 
tional  procedures,  identify  prob¬ 
lems,  and  write  detailed  descrip¬ 
tions  of  user  needs,  program 
functions,  and  steps  req'd  to 
develop  or  modify  SAP  comput¬ 
er  systems.  Must  have  at  least 
two  years  experience  as  SAP 
Consultant  or  Systems  Analyst 
Apply  to:  BrightStar,  6601 
Owens  Dr.,  Suite  115, 
Pleasanton.  CA  94588,  ATTN: 
HR.  or  e-mail  to: 
jobs@brightstar.com. 


Genesys  Conferencing  seeks 
applicants  for  the  position  of 
Database  Administrator  in 
Highlands  Ranch,  CO  to  design, 
install,  maintain  and  administer 
Informix.  Sybase  and  SQL/ 
Server  relational  database  man¬ 
agement  systems  Require¬ 
ments  for  this  position  include 
bachelor's  in  computer  science 
or  related  field  and  DBA  experi¬ 
ence  as  well  as  working  knowl¬ 
edge  of  managing  multiple  pro¬ 
duction  Informix,  SQL/Server 
and  Sybase  servers  and  SQL 
Backtrack.  Respond  by  resume 
to  Cheryl  Dorman,  Genesys 
Conferencing,  9139  S.  Ridgeline 
Blvd..  Highlands  Ranch,  CO 
80129. 


Systms  Anlyst:  Eval,  anlyz. 
desgn,  instil,  maintn,  &  monitr 
netwrk  systm,  applctn  prgrms, 
security  standrds  &  maint'nce 
procedrs  utilzng  LAN,  WAN, 
Exchnge  Servrs,  Oracle,  SQL. 
WebServr,  Cisco  Routrs,  Lotus, 
Linux  &  Win  opertng  systms. 
Provd  techl  &  docmnt  support. 
Bach  or  equiv  in  Comp.  Sci., 
Elec./Comp  Engg  +  2  yrs  exp  in 
job  duties.  Resp:  Sky  Bird  Travel 
8  Tours,  Inc.,  Attn:  HR  Manager, 
26500  NW  Highway,  Ste#  260, 
Southfield,  Ml  48076  Fax  248- 
372-4806  e-mail: 
jobs@skybird-travel.com  (Ref  to 
Job  Code  #  ANI3) 


SBI  is  looking  for  the  following 
positions  for  its  offices  in 
Houston,  TX,  San  Francisco, 
CA,  Warren,  NJ,  Salt  Lake 
City,  UT  and  Portland,  OR: 
Programmer  Analysts,  Tech¬ 
nical  Architects,  Technical 
Consultants,  Business  Strate¬ 
gists,  Systems  Analysts,  Soft¬ 
ware  Engineers,  Art  Director, 
resumes  by  email  or  fax  only 
to  HR.  SBI  2825  East 
Cottonwood  Parkway,  Suite 
480,  Salt  Lake  City,  UT 
84121: 

careers@sbiandcompany.com; 

Fax  (801)733-3201. 


Western  Computer  is  look¬ 
ing  for  Hardware  Engineer/ 
Senior  Developer  to  pro¬ 
gram  manage,  provide  pro¬ 
gramming.  design,  develop 
and  analyze  customer  pro¬ 
gramming  projects  and  to 
develop  hardware  inter¬ 
faces  Please  send  resume, 
salary  requirement  to 
I  Western  Computer,  Atten¬ 
tion:  Diane,  960  Enchanted 
Way.  Simi  Valley.  CA  93065 
or  email  at 

d.ai  we@w«sU>mounnputor  com 


PROGRAMMER  ANALYSTS 
for  Worth,  IL  office.  Design  & 
Develop  software  applications 
using  C++,  Oracle,  Sybase, 
XML,  UML,  Coolgen,  Inter¬ 
woven,  ClearCase,  Clear- 
Quest,  ITS,  PVCS,  UNIX. 
Bachelors  req'd  in  Computers, 
Engineering,  math  or  any 
related  field  of  study  +2  yrs  of 
related  exp.  40  hrs/wk.  Must 
have  legal  authority  to  work 
permanently  in  the  U  S.  Send 
resume  to  HR  Manager,  Core 
Infosys  Technologies,  Inc., 
7179  West  111th  St,  Worth,  IL 
60482 


Software  Engineers  and 
Programmer  Analysts  for 
S/W  company  in  Chicago, 
IL.  All  positions  require 
Bachelor's  degree  in  Comp 
Science/  Computer  Engin¬ 
eering  or  related  field  and  1- 
3  years  related  experience. 
Send  resume  to 
SystemGuru  Inc,  500  North 
Michigan  Avenue,  Suite  300, 
Chicago,  IL  60611.  Attn: 
Sowjanya  Manacha. 


PROGRAMMER  ANALYSTS 
for  Springfield,  IL  office.  Design 
&  Develop  software  applica¬ 
tions  using  C++,  Oracle, 
Sybase,  XML,  UML,  Coolgen, 
Interwoven,  ClearCase,  Clear- 
Quest,  ITS,  PVCS,  UNIX. 
Bachelors  req'd  in  Computers, 
Engineering,  Math  or  related 
field  of  study  +2  yrs  of  related 
exp.  40  hrs/wk.  Must  have 
legal  authority  to  work  perma¬ 
nently  in  the  U.S.  Contact  HR 
Manager,  Global  Infotech 
Solutions,  Inc,  826  West 
Laurel,  Suite  IB, Springfield, 
IL-62704 


Seeking  qualified  applicants  for 
the  following  positions  in  Orlando, 
FL:  Senior  Programmer  Analyst. 
Formulate/define  functional 
requirements  and  documentation 
based  on  accepted  user  criteria. 
Requirements:  Bachelor's  degree 
or  equivalent  in  computer  science, 
MIS.  engineering  or  related  field 
plus  5  years  of  experience  in  sys¬ 
tems/applications  development. 
Experience  with  C++,  UNIX  and 
Shell  Scripting  (Unix  Shell  Script 
or  Perl  Script)  also  required. 
(Master's  degree  in  appropriate 
field  will  offset  2  years  of  general 
experience.)  Submit  resumes  to 
Sibi  George,  FedEx  Corporate 
Services.  1900  Summit  Tower 
Blvd  ,  Suite  1400,  Orlando,  FL 
32810.  EOE  M/F/DAA 


SYSTEM  ANALYSTS  for 
Chicago,  IL  office.  Design. 
Analyze  &  Implement  software 
applications  to  support 
EH&S/MM/HR/QM/PP  modules 
in  SAP  R/3  environment  using 
ABAP/4.BAPI,  ALE.  LSMW. 
BDC,  DCOM,  RFC.  Oracle, 
IDOCS.  Data  Interface,  User 
Exits,  C++,  Perl  and  Shell  script¬ 
ing  Bachelors  required  in 
Computers.  Engineering  or 
related  field  of  study  +  2  yrs  of 
related  experience  40  hrs/wk 
Must  have  proof  of  legal  author¬ 
ity  to  work  permanently  in  the 
U.S.  Please  send  resume  and 
cover  letter  to  HR  Manager, 
Masterminds  Global  Solutions, 
LLC.  6000  Fairview  Road, 
#1200,  Charlotte.  NC  28210 


Full  time  position  to  work  as 
Programmer  Analyst,  Exper¬ 
ience  in  ISQL,  SQL,  PL/  SQL, 
ABAP/4,  Visual  Basic,  SQL 
Server  2000/7.0,  Oracle 
7,x/8.x,  Erwin,  Taboxp,  TOAD, 
DBArtisian,  requires  Bach¬ 
elor's  degree  in  Computer 
information  systems  or 
Engineering  or  equivalent  and 
2  years  of  experience  in  the 
job  offered.  Applicants  sent 
resume  to  Vital  Sciences,  Inc. 
13878  Golden  Saddle  Court, 
Carmel,  IN  46032. 

Programmers  &  Software 
Engineers  to  analyze,  design, 
develop  and  test  apps.  in  (a) 
J2EE  technologies  and  related 
tools.  EJB,  Websphere.  XML, 
XSL,  RDBMS,  Unix,  Clearcase; 
(b)  Mainframes,  COBOL,  CICS, 
JCL,  DB2,  Java,  JDBC,  JSP, 
Servlets;  (c)  VB,  ASP,  .NET 
Framework,  COM+,  _Java- 

script/DHTM,  SQL.  Server  and 
related  Microsoft  technologies; 
(d)  EAI,  Webmethods  Enterprise 
and  Integration,  ColdFusion, 
SeeBeyond,  JMS,  JMX,  Oracle. 
US  Workers  only.  Consulting 
positions  requiring  travel. 
Prevailing  wage/benefits.  Send 
resume  to  H.R.  4208  Van  Buren 
Dr.  #139,  West  Des  Moines  IA 
50266.  EOE 

Programmers  to  analyze/devel¬ 
op  software  appls  using  Oracle 
Apps,  Oracle,  PL/SQL,  Dev 
2000,  etc  under  Windows/UNIX 
OS;  assist  in  customizing  and 
migrating  Oracle  App;  customize 
Forms/Reports  using  Oracle 
Application  standards;  docu¬ 
ment  development  process. 
Require:  BS  or  foreign  equiv.  in 
CS/Engg.  (any  branch)  &  6 
months  of  exp.  In  lieu  of  BS, 
3yrs  of  academic  studies 
towards  a  Bachelor's  degree 
plus  1  yr  of  exp  in  IT  will  be 
accepted.  Travel  involved.  F/T 
position.  Competitive  salary. 
Resume  to:  HR,  Quest 

America.lnc.,  211  East  Ontario 
Street,  Suite  1800,  Chicago,  IL 
60611 
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News 


What’s  ahead  for  Foundry  in  Wi-Fi 


•  A  crowded  field 

Wi-Fi  gear  has  been  established  in  corporations  for  several  years,  and 
it  will  be  hard  to  force  a  swap-out  in  existing  networks. 

•  Out  of  focus? 

While  known  as  a  high-performance  wire-line  switch  vendor,  Foundry  is 
diverging  from  its  roots.  Will  it  work? 

•  Late  in  the  game 

Key  rivals  Extreme,  HP  and  Nortel  all  announced  Wi-Fi  strategies  earlier 
this  year. 


Standardize 

It’s  anticipated  that  Foundry  will  take  advantage  of  standards-based 
802.11  technologies  that  have  only  recently  evolved  for  corporations,  such 
as  802.1x  and  802. 11g. 

•  Easy  upgrades 

Foundry  will  reportedly  add  WLAN  switch  features  to  its  gear  through  firm¬ 
ware  upgrades,  instead  of  requiring  new  switches,  as  some  competitors  do. 

•  Wired  extension 

It's  expected  that  Foundry’s  market  sweet  spot  will  be  existing  switch 
customers  looking  to  unify  Wi-Fi  and  wired  Ethernet. 


Foundry 

continued  from  page  1 

Industry  watchers  and  cus¬ 
tomers  have  anticipated  such 
developments  from  Foundry, 
which  has  been  mum,  as  rivals 
such  as  Enterasys,  Extreme 
Networks,  HP  and  Nortel  have 
unveiled  access  point  and 
WLAN  switch  products  earlier 
this  year. 

“We’re  excited  to  be  getting  the 
Foundry  [wireless]  products,” 
says  Richard  Nelson,  director  of 
information  processing  at  the 
University  of  Southern  Cali¬ 
fornia’s  Information  Sciences 
Institute  (USC-ISI),  a  supercom¬ 
puting  research  center.  Foundry’s 
WLAN  access  points  are  slated 
for  a  beta  test  at  the  USC-ISI, 
which  runs  a  network  of 
Foundry  switches  for  desktop 
connections,  as  well  as  Gigabit 
and  10G  Ethernet  in  the  core. 
Cisco  Aironet  WLAN  equipment 
also  is  installed.  Depending  on 
how  the  beta  test  goes,  Nelson 
says  he  might  keep  a  dual-Cisco/ 
Foundry  Wi-Fi  network,  or  opt  for 
an  all-Foundry  infrastructure. 

Wireless  access-point  manage¬ 
ment  is  sometimes  difficult,  he 
adds,  because  there  is  no  easy 
way  to  combine  management 
functions  of  his  Foundry  wired 
and  Cisco  wireless  gear.  Having 


WLAN  and  wired  LAN  gear  act 
seamlessly  as  one  system  is 
something  Nelson  says  he  has 
been  hoping  for. 

“The  ability  to  add  wireless 
management  to  switches 
through  a  software  upgrade  is 
also  interesting,”  Nelson  says, 
because  his  organization  won’t 
have  to  buy  new  network  gear  to 


manage  the  access  points. 

Foundry  next  month  is  expect¬ 
ed  to  release  WLAN  access  points 
that  will  support  IEEE  802.11a 
(54 M  bit/sec),  802.11b  (11M 
bit/sec)  and  802. 1  lg,  which  sup¬ 
ports  speeds  up  to  54M  bit/sec. 

It’s  expected  that  Foundry’s 
access  points  will  support  802.3af 
PoE  standard,  letting  the  devices 


receive  AC  power  and  Ethernet 
connectivity  over  a  single  Cat¬ 
egory  5  or  6  wire.  Competitors 
such  as  3Com,  Avaya,  Cisco  and 
HP  offer  POE  access  points  and 
switches.  The  access  points  will 
work  with  Foundry’s  FbE  switch¬ 
es,  which  the  company  released 
in  March,  or  any  other  802.3af- 
compliant  products.  For  security 
802. lx  port  authentication  will  be 
included  in  the  access  points, 
allowing  the  devices  to  force 
authentication  at  the  connection 
level  through  a  RADIUS  server. 

In  the  fourth  quarter,  Foundry 
plans  to  release  software  up¬ 
grades  for  its  Fasti  ron  stackable 
switches  that  will  let  boxes  man¬ 
age  and  configure  Foundry  ac¬ 
cess  points  attached  to  the  switch. 
Industry  watchers  familiar  with 
Foundry’s  plans  say  the  upgrade 
basically  will  turn  any  Foundry 
stackable  into  a  WLAN  switch, 
with  security  management  and 
roaming  management  features 
comparable  to  those  in  products 
from  Aruba  Networks,  AirSpace, 
Extreme,  HPNortel  and  Trapeze. 

Sources  say  Foundry  will 
extend  its  WLAN  switch  software 
to  its  chassis  switches  in  the  first 
quarter  of  next  year.This  addition 
will  allow  gear  such  as  Biglron 
and  Fastlron  core  switches  to 
have  WLAN  control  and  configu¬ 
ration  capabilities. 


www.nwfusion.com  [ 

Foundry  would  not  respond  to 
specific  questions  on  the  unan¬ 
nounced  products,  but  said  it  is 
developing  a  Wi-fi  strategy  with 
products  to  be  announced  next 
month. 

Foundry’s  wireless  jump  fol¬ 
lows  similar  moves  this  year  from 
competitors  Extreme  and  HP 
And  in  the  second  quarter, 
Enterasys  announced  new  ASIC 
architecture  that  lets  its  gear  pro¬ 
vide  some  of  the  security,  quality 
of  service  and  manageability  fea¬ 
tures  that  WLAN  switches  offer. 

“Wireless  is  a  move  Foundry  has 
to  make,”  says  Zeus  Kerravala,  an 
analyst  with  The  Yankee  Group. 
While  not  commenting  specifi¬ 
cally  on  any  of  Foundry’s  antici¬ 
pated  Wi-fi  products,  Kerravala 
says  wireless  would  complement 
Foundry’s  product  menu,  even  if 
the  technology  is  somewhat  out 
of  the  vendor’s  focus. 

“Foundry  has  always  been 
known  as  the  high-performance 
switch  company”  he  says.  “Wire¬ 
less  would  be  a  bit  of  a  diversion 
from  that,  but  it’s  necessary  for 
them  to  have.”  Keeping  up  with 
rivals  3Com,  Cisco,  Enterasys, 
Extreme,  HP  and  Nortel  has  a  lot 
to  do  with  Foundry’s  strategy,  he 
says.  ■ 
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closure  of  another  broad-based  user  group, 
the  International  Communications  Associ¬ 
ation  (ICA),  in  the  first  quarter  of  last  year. 

“A  widely  focused  group  like  the  CMA  is 
an  anachronism  in  this  business  climate,” 
says  Bill  Moore,  outgoing  CMA  president 
and  telecom  manager  at  The  Museum  of 
Modern  Art  in  NewYork.“The  CMA  filled  a 
viable  role  in  getting  information  out  to 
end  users,  but  over  the  years,  narrowly 
focused  groups  [including  vendor-specific 
groups]  have  come  in.  1  don’t  think  there’s 
much  of  a  pressing  need  for  widely 
focused  end-user  groups.” 

The  number  of  corporate  members,  who 
paid  dues  of  $600  per  year,  dwindled  from 
a  peak  of  150  five  years  ago  to  20  at  the 
time  of  closing.  Membership,  which  mainly 
served  user  organizations  in  the  Northeast 
surh  .is  Rutgers  University,  Sloan-Kettering 
Cancer  Center  and  Travelers,  dropped  to  75 
in  2002, two  years  after  the  group  cancelled 
its  once-popular  annual  Corporate  Net¬ 
works  conference, and  soon  after  the  Sept. 
1 1  attacks  in  New  York. 

In  his  letter  published  on  the  CMA  Web 
site,  Moore  explains  that  the  cancellation  of 
the  annual  show  “was  the  first  in  many 
blows  to  our  operation.The  CMA  struggled 
to  find  writers  for  its  quarterly  newsletter, 
the  CMA  Review,  and  battled  with  low 


attendance  numbers  to  the  nine  seminars 
it  held  each  year. 

The  closure  of  the  ICA  and  now  the  CMA, 
which  prided  themselves  on  the  network¬ 
ing  and  social  opportunities  afforded  to 
members,  has  paved  the  way  for  smaller 
groups  with  a  narrower  focus.  These  in¬ 
clude  the  Wall  Street  Technology  Associ¬ 
ation,  whose  members  are  financial  institu¬ 
tions,  or  public  policy  lobby  groups  such  as 
the  Ad  Hoc  Telecommunications  User 
Committee,  which  represents  20  corporate 
members,  including  American  Express, 
Sabre  and  Ford,  plus  the  eCommerce  & 
Telecommunications  Users  Group  (eTUG). 

“A  lot  of  organizations  like  [the  CMA  and 
the  ICA]  were  not  effective,”  says  JohnaTill 
Johnson,  president  and  chief  research  offi¬ 
cer  at  Nemertes  Research,  and  a  Network 
World  columnist.  She  recalls  being  “flabber¬ 
gasted^  the  CMAs  unwillingness  to  active¬ 
ly  lobby  the  FCC  five  years  ago  when  carri¬ 
ers  began  raising  telephone  bills  to  meet 
local-access  charge  regulation.’These  guys 
[the  CMA]  were  just  sitting  there  while 
their  constituents  were  screaming.  It  was 
then  that  1  thought  they  were  doomed. 
They’re  great  for  networking  and  socializ¬ 
ing  but  those  days  are  over]’ she  says. 

Moore  says  the  CMAs  not-for-profit  and 
tax  status  prohibited  the  group  from  being 
active  lobbyists,  although  it  did  meet  with 
guest  attorneys  to  discuss  public  policy 

The  ICA  began  to  get  into  public  policy  in 


the  late  1970s  and  early  1980s,  says  Brian 
Moir,  who  served  as  counsel  for  the  user 
group.  But  that  proved  to  be  its  undoing,  as 
it  was  difficult  mixing  the  traditional  net¬ 
working  and  social  side  of  the  group  with 
public  policy,  he  explains.  Moir  is  now 
counsel  of  eTUG,  which  was  formed  in 
2001  by  some  former  members  of  the  ICA.. 

The  Ad  Hoc  Telecommunications  User 
Committee  was  founded  in  the  1960s,  and 
members  meet  four  times  per  year  for 
intensive  sessions  that  last  a  day  and  a  half 
to  discuss  telecom  regulatory  issues.  The 
entry-level  contribution  for  membership  is 
$25,000  for  corporate  members,  which 
increases  over  time. 

“There  is  room  for  a  different  model, ’’says 
Colleen  Boothby,  a  partner  at  LB3,  the  law 
firm  that  represents  Ad  Hoc,  whose  mem¬ 
bers  seek  to  influence  regulatory  deci¬ 
sions.  “A  group  can  be  more  substantive 
and  concentrate  on  making  an  impact.  At 
Ad  Hoc,  there  are  no  trade  shows,  no  golf 
tournaments,  no  entertainment  —  just  sub¬ 
stantive  meetings.” 

The  decade-old  Network  Professional 
Association  (NPA)  is  another  broad-based 
user  group  but  its  members  are  individual 
network  executives  rather  than  companies. 
Executive  Director  Steve  Delahunty  says 
the  NPA  has  suffered  from  shrinking  mem¬ 
bership  numbers,  down 
from  more  than  10,000  in  its 
heyday  of  the  late  1990s,  to 


fewer  than  2,000  today.  Like  the  CMA,  the 
NPA  in  1994  also  was  forced  to  cancel  its 
annual  conference. 

“We’re  at  the  core  level  of  our  member¬ 
ship,”  Delahunty  says,  citing  the  economy,  a 
reduction  in  membership  benefits  (al¬ 
though  he  says  the  NPA  has  added  more 
benefits  in  recent  years),  and  a  reduction 
in  interest  in  professional  associations,  as 
reasons  for  the  decline  in  membership. 

Users  also  are  disillusioned  with  some 
associations.  Ray  Barnard, CIO  at  Fluor, one 
of  the  world’s  largest  publicly  owned  engi¬ 
neering  groups, says  he  has  dropped  out  of 
a  few  organizations.  “Most  associations 
continue  to  focus  on  too  much  IT  techni¬ 
cal  stuff  and  not  enough  business/transfor¬ 
mation  with  my  customer  stuff.” 

“We  also  have  a  credibility  problem  with¬ 
in  IT  —  lack  of  results  from  massive  ERP 
expenditures,  questions  around  true  Y2K 
requirements  that  did  not  transpire  and  the 
dot-com  bust,”  he  says.  “All  of  this  drives  a 
hesitation  to  spend  money  on  associations 
vs.  saving  that  money  or  spending  else¬ 
where  in  conjunction  with  CFO/CEO  per¬ 
spectives  and  participation." 

As  the  CMA  directors  look  into  the 
legal  issues  surrounding  the  closure, 
Moore  says  some  members  are  consid¬ 
ering  setting  up  a  smaller,  less  formal 
group  that  will  share  expe¬ 
riences  and  perhaps  tackle 
public  policy.  ■ 
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Management  Network  Group, 
says  the  research  firms  findings 
show  that  about  a  quarter  of  busi¬ 
nesses  are  ready  to  switch  pro¬ 
viders  once  portability  becomes 
available  and  about  half  of  those 
companies  say  they’ll  switch 
within  90  days  of  portability  going 
into  effect. 

Analysts  encourage  customers 
to  explore  new  opportunities  but 
warn  them  not  to  necessarily 
jump  right  away,  before  kinks  are 
worked  out  of  the  new  system. 

Down  to  the  wire 

The  FCC  is  mandating  that  car¬ 
riers  support  wireless  number 
portability  in  the  top  100  cities  in 
the  U.S.in  November.The  remain¬ 
ing  cities  are  expected  to  come 
online  in  the  following  six 
months. 

As  the  FCC  deadline  nears,  wire¬ 
less  carriers  have  stepped  up 
their  efforts  to  ensure  that  porta¬ 
bility  happens  on  their  terms. 
They  repeatedly  stress  the  high 
cost  involved  in  supporting  porta¬ 
bility:  The  Cellular  Telecommuni¬ 
cations  and  Industry  Association 
(CT1A)  estimates  that  carriers  will 
spend  almost  $1  billion  to  up¬ 
grade  their  networks  to  support 
wireless  number  portability  and 
$500  million  per  year  every  year 
thereafter. 

Just  last  month,  a  band  of  ser¬ 
vice  providers  dubbed  the  Wire¬ 
less  Carrier  Group  filed  a  docu¬ 
ment  with  the  FCC  calling  for 
new  rules  and  regulations  that 
will  let  all  carriers  impose  ser¬ 
vice  fees  and  restrictions  on 
customers  that  want  to  ditch 
their  carriers  but  hang  on  to 
their  numbers.  Group  members 
include  Alltel,  AT&T  Wireless, 
Cingular  Wireless,  Nextel  Com¬ 
munications  and  Sprint  PCS. 

Conspicuously  absent  from  the 
anti-portability  pack  is  Verizon, 
which  filed  a  document  with  the 
FCC  refuting  the  Wireless  Carrier 
Groups  claims  that  fees  and  re¬ 
strictions  are  needed. 

Verizon,  the  largest  wireless  ser¬ 
vice  provider  in  the  U.S.  with  33 
million  users,  once  vehemently 
opposed  portability.  In  fact,  Veri¬ 
zon  and  the  CT1A  in  June  had 
their  attempt  to  sue  the  FCC  over 
portability  shot  down. 

Since  then,  Denny  Strigl.CEO  of 
Verizon  Wireless,  has  been  quot¬ 
ed  by  the  Associated  Press  saying, 
"I  don't  intend  to  stand  in  the  way 
of  having  local  number  portabili¬ 
ty  become  a  reality-  on  Nov.  24.” 

Despite  the  lack  of  FCC  com¬ 
ment  regarding  the  latest  de- 


Hindering  portability 

Alltel,  AT&T  Wireless, 
Cingular  Wireless,  Nextel 
and  Sprint  PCS  proposed 
these  barriers  to  wireless 
number  portability  in  a 
document  filed  with  the  FCC. 


• 

Imposing  fees  to  transfer 
numbers  between  carriers. 

• 

Refusing  transfers  for  all  users 
with  outstanding  balances. 

• 

Number  porting  only  can 
happen  during  certain  hours 
of  the  day. 

• 

Refusing  porting  requests  if  user 
information  does  not  match 
exactly  (for  example,  address  is 
St.  Marks  Ave.,  but  new  carrier 
has  Saint  Marks  Ave.). 

mands  from  other  wireless  carri¬ 
ers,  some  customers  already 
could  be  paying  surcharges  relat¬ 
ed  to  wireless  number  portability 
(some  observers  speculate  carri¬ 
ers  actually  will  turn  a  profit  on 
these  surcharges). 

Cingular,  Nextel  and  Sprint  PCS 
have  started  or  plan  to  hit  cus¬ 
tomers  with  monthly  surcharges 
to  recover  expenses  associated 
with  number  portability  The  fees 
range  from  $1.10  to  $1.55  per  line 
and  would  be  in  addition  to  those 
the  Wireless  Carrier  Group  hopes 
the  FCC  will  let  them  charge. 

Verizon  Wireless  says  it  might 
charge  users  10  to  15  cents  to  re¬ 


cover  some  of  the  costs  associat¬ 
ed  with  supporting  portability 
once  the  feature  is  available.  Strigl 
told  the  Associated  Press  that  the 
company  has  spent  about  $50 
million  to  prepare  for  local  num¬ 
ber  portability 

Putting  on  pressure 

While  carriers  are  zeroing  in  on 
the  price  of  portability,  analysts 
say  they  really  should  be 
focused  on  improving  their  ser¬ 
vices.  A  recent  J.D.  Power  and 
Associates  survey  of  16,800  wire¬ 
less  users  found  an  average  of 
9%  of  calls  are  affected  by  static 
or  other  interference  and  8%  get 
dropped  or  disconnected. 

“Large  companies  will  leverage 
[portability]  as  a  negotiating  tool 
for  some  groups  of  subscribers 
that  aren’t  happy” says  Bob  Egan, 
founder  and  CEO  of  consulting 
firm  Mobile  Competency 

“In  the  case  of  Sprint  PCS,  AT&T 
Wireless  and  Cingular,  they  have 
some  pretty  unhappy  [users] 
from  a  customer  service  per¬ 
spective.  Those  companies  will 
likely  be  impacted,”  he  says. 

Users  who  are  frustrated  with 
their  current  providers  “always 
think  the  grass  is  greener  with 
another  carrier,  but  that  may  not 
be  the  case,”  says  Phil  Redman, 
an  analyst  at  Gartner.  Users  might 
find  similar  problems  with  other 
carriers,  especially  if  the  issues 
are  related  to  billing  or  customer 
service,  he  says. 


Intrust’s  Rooney  says  he  is  con¬ 
sidering  jumping  ship,  but  not  in 
November.”!  feel  that  by  January 
or  February  things  will  have  set¬ 
tled  down,  bugs  will  have  been 
worked  out,  and  the  new  com¬ 
petitive  rate  plans  will  be  estab¬ 
lished." 

Analysts  say  waiting  is  probably 
a  good  idea  for  most  users. 

“Go  through  the  RFP  process 
and  wait  at  least  six  months" 
after  wireless  number  portability 
is  available  before  trying  to  port 
hundreds  or  thousands  of  user 
phone  numbers  to  another  car¬ 
rier,  Redman  says. 

And  once  companies  decide 
to  go  down  the  path  of  porting 
numbers,  they  should  keep  a  few 
things  in  mind,  Redman  says. 
When  signing  a  new  contract, 
they  should  ask  for  specific  ser¬ 
vice-level  agreements  that  apply 
to  future  number  transfers.  When 
they  cancel  an  existing  contract, 
they  should  clearly  inform  their 
carriers  that  they  plan  to  take 
their  numbers. 

Customers  also  should  note  that 
standard  contract  terms  apply. 
While  any  customer  can  break  a 
contract  and  port  all  its  wireless 
phone  numbers  to  another  carri¬ 
er,  the  customer  typically  will 
incur  early  termination  charges. 

For  many  companies,  portabili¬ 
ty  is  not  expected  to  be  a  whole¬ 
sale  ditch-and-run  maneuver. 
Some  are  simply  looking  for  more 
flexibility 

“I  will  definitely  look  at  more 
options  once  I  have  the  ability  to 
carry  the  number  that  I  have 
used  for  the  past  seven  years  to 
any  carrier  other  than  AT&T 
Wireless,”  says  Ron  Leighton,  a 
network  consultant  at  a  large 
switch  vendor  he  requested  not 
be  named. 
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“There  have  been  times  when 
AT&T  has  not  had  the  best 
plans.  However,  I  have  had  my 
number  so  long  that  it  would  be 
very  detrimental  to  switch."  he 
says. “The  lack  of  number  porta¬ 
bility  has  given  the  providers  a 
hook.” 

Pieter  Schoehuijs,  director  of 
worldwide  IT  infrastructure  at 
Flowserve,  a  manufacturer  of 
pumps, seals  and  valves  in  Irving, 
Texas,  says  “[portability]  is  a  big 
deal  for  us.”  He  supports  1,200 
wireless  users  and  says  the 
majority  use  AT&T  Wireless. 

“We  have  a  lot  of  people  who 
do  not  want  to  change  to  our 
current  provider  because  they 
will  lose  their  cell  phone  num¬ 
ber,”  he  says. 

“We  also  have  people  who 
have  been  with  AT&T  Wireless 
for  a  long  time  and  are  in  an  area 
where  they  would  get  better  ser¬ 
vice  coverage  from  another 
provider,”  he  adds. 

Portability  will  make  these  types 
of  changes  much  easier,  he  says. 

“  [It]  allows  users  to  take  off  the 
handcuffs  that  were  binding 
them  to  one  provider.  They  will 
be  able  to  negotiate  service  con¬ 
tracts  that  better  fit  their  needs,” 
Mobile  Competency’s  Egan  says. 

Most  analysts  expect  customer 
churn  rates  to  surpass  the  cur¬ 
rent  industry  average  —  which 
IDC  pegs  at  2.5%  per  month  — 
soon  after  the  new  rules  take 
effect. 

But  most  also  expect  customer 
turnover  to  stabilize  near  pre¬ 
portability  rates  before  long. 
That’s  what  happened  in  Europe 
and  Asia  when  portability  was 
instituted.  ■ 
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Company  offers  online 
rights  mgmt.  service 

■  BY  JOHN  COX 

A  software  package  for  managing  online  digital-content  rights  and 
access  is  being  offered  as  a  hosted  service. 

The  eRights  Suite,  from  eMeta,is  at  the  heart  of  the  company’s  recent¬ 
ly  launched  eRightsWeb.The  software  lets  companies  that  offer  online 
content,  such  as  news  stories,  images  or  software,  sell  or  license  this 
content  and  manage  the  full  range  of  customer  interactions,  such  as 
signing  up  subscribers  and  checking  credit  cards. 

A  range  of  big  content  sites,  such  as  McGraw-Hill  and  The  New  York 
Times,  use  the  eRights  Suite. 

The  hosted  service  is  designed  to  make  these  same  capabilities  fea¬ 
tures  available  quickly  and  at  a  lower  cost  to  a  larger  group  of  smaller 
content  providers,  says  Jonathan  Lewin,  founder  and  CTO  for  eMeta, 
which  was  founded  five  years  ago. 

As  a  managed  service,  eRightsWeb  lets  companies  deploy  digital 
rights  management  quickly,  with  a  relatively  small  capital  outlay  The 
software  can  manage  subscriptions,  pay-per-view,  pay-per-click,  promo¬ 
tions,  gifts,  free  trials  and  special  offers. 

Content  companies  simply  have  to  add  an  eMeta  plug-in  to  their  Web 
site  application  server.The  added  code  intercepts  an  incoming  request 
and,  if  the  request  is  for  protected  digital  content,  redirects  it  to  the 
hosted  site  for  processing  by  the  eMeta  server.The  service  is  designed 
so  customers  can  finish  their  transactions  quickly 

The  package  costs  $10,000,  plus  an  additional  10%  of  all  revenue  gen¬ 
erated  by  use  of  the  eMeta  software.  ■ 
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Linux  is  in  the  on  demand  world. 


We  can.  That’s  why  IBM  has  devoted  a  tremendous  amount  of  resources  to  Linux 
We  have  over  7,000  IBMers  working  on  Linux-related  projects.  Thousands  of  Linux 
customer  engagements.  And  more  Linux-enabled  software  than  anyone.  To  learn 
more  about  IBM,  Linux  and  visit  ibm.com/linux/seeit 


IBM.  the  e-business  logo  and  e-business  on  demand  are  trademarks  or  registered  trademarks  ot  International  Business  Machines  Corp  in  the  United  States 
and  or  other  a  ux  is  a  registered  trademark  of  Linus  Torvalds  in  the  United  States  and/or  other  countries.  '<  2003  IBM  Corporation  All  rights  reserved. 
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Maximizes  oxygen  at  altitude  for  greater  efficiency. 


- 


I M  #1  BP 


MLcfi': 


‘ 

r  *  .  S'Z  till 


'H  : 


r-'-.v 


(©server 


IBM  the  e  business  logo,  eServer  and  xSeries  are  trademarks  or  registered  trademarks  ot  International  Business  Machines  Corporation  in  the  United  States 
and,  or  other  countries.  Intel,  the  Intel  Inside  logo  and  Intel  Xeon  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United 
States  and  other  countries.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©2003  IBM  Corporation.  All  rights  reserved. 
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Runs  Linux  to  optimize  business  efficiency.  On  demand. 


The  human  body  is  amazingly  efficient.  So  is  an  IBM  eServer 
xSeries®  system  running  Linux?  Powered  by  Intel®  Xeon™ 
processors,  xSeries  servers  for  Linux  can  have  low  start-up 
costs.  Low  admin  costs.  Low  overall  costs.  Helping  you  to 
improve  your  business  efficiency.  For  an  IDC  white  paper  on 
Linux  and  Intel  processor-based  servers,  go  to  the  URL  below. 

eServer:  servers  for  on  demand  business. 

Can  you  see  it?  See  it  at  ibm.com/eserver/efficiency 


IBM  eServer  xSeries  for  Linux 

•  Tower,  racks,  blades 

•  1-way  to  8- way 

•  Built-in  self-managing  capabilities 
•3,500  xSeries  Linux-enabled 

applications 
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Solutions  to  spam 


his  week  we  will  return  to  the 
subject  that  I  abandoned  a  few 
weeks  ago  in  favor  of  exploring 
business  ethics  and  the  dark  and 
tawdry  world  of  MCI  (keep  the  letters 
coming!). The  topic  we  left  was  spam 
and  what  solutions  exist  to  defeat  it. 

There  are  three  system  architectures 
for  handling  spam:  At  the  desktop,  at  the  mail  server, 
or  outsourced. 

Handling  spam  at  the  desktop  requires  that  you 
install  anti-spam  software  on  each  PC.This  can  be  a 
significant  overhead  unless  you  have  an  automated 
software  distribution  system.  And  managing  and  sup¬ 
porting,  say  1,000  anti-spam  desktop  installations  is 
not  a  trifling  task  unless  most  of  your  users  are  smart 
with  computers. 

That  said,  for  “power  users”  or  small  workgroups  a 
desktop  product  might  be  the  best  solution.  One 
such  product  I  use  and  find  very  effective  is  Ella 
from  Open  Field  Software. 

Mail  server-based  and  outsourced  products  are 
easier  to  deploy  in  large  organizations,  but  how  the 
users  interact  with  the  anti-spam  system  will  be  cru¬ 
cial  to  effectiveness.  For  example,  messages  deter¬ 
mined  to  be  spam  usually  will  be  held  in  a  folder 
somewhere.This  raises  a  number  of  questions:  How 
will  users  know  if  suspected  spam  to  their  address  is 


on  hold?  How  will  they  examine  messages  on  hold 
and  release  them  if  they  are  false  positives?  How  do 
users  notify  the  anti-spam  system  in  the  case  of  false 
negatives? 

And  for  all  architectures  there  are  management 
questions:  Can  users  submit  whitelists  of  correspon¬ 
dents  whose  messages  must  be  passed  without 
examination?  Do  the  users  have  to  submit  the  lists 
through  tech  support  or  can  they  manage  it  them¬ 
selves?  Can  users  select  the  auto-purge  duration  or  is 
it  a  systemwide  value? 

Some  systems  use  distributed  blacklists  and/or 
detection  rules  that  are  provided  by  the  anti-spam 
system  vendor  or  another  third  party  Can  you  define 
whitelists  that  will  override  the  third-party  blacklist? 
This  is  important  because  if  your  biggest  customer 
accidentally  gets  on  a  blacklist  you  don’t  want  to 
find  you’ve  missed  their  huge  urgent  order  because 
someone  else  thinks  they  are  spamming! 

There  are  the  reporting  considerations: You  want  to 
know  is  how  many  messages  were  received  and 
how  many  of  those  were  determined  to  be  spam. 

Many  anti-spam  products  are  collections  of  differ¬ 
ent  filters  that  together  determine  the  probability 
that  a  particular  message  is  spam.  For  example,  this 
is  the  strategy  SurfControl  uses  in  its  server-based 
product  E-mail  Filtering. 

Another  interesting  approach  is  to  not  worry  at  all 


about  content  filtering  and  simply  pay  attention  to 
white  and  black  lists.This  is  the  heart  of  the 
approach  Secluda  uses  in  its  inboxMaster  product, 
which  I'm  currently  examining. 

Yet  another  approach  that  doesn’t  use  content  filter¬ 
ing  is  to  verify  that  there’s  really  a  human  sending  the 
message  —  a  technique  called  challenge/response. 
These  systems  require  unknown  senders  to  take  a 
test  (for  example,  follow  a  link  to  a  Web  site  and 
enter  a  code  presented  in  a  graphic  that  a  computer 
can’t  read)  to  release  the  sender’s  held  messages.The 
problem  is  that  the  testing  technique  often  seems  to 
irritate  people  because  it’s  too  complex. 

A  simplified  version  of  this  approach  is  called 
source  verification  or,  less  accurately  source  authenti- 
cation.The  idea  is  to  hold  messages  from  unknown 
senders  and  respond  with  a  message  asking  that  they 
simply  reply  The  fact  that  the  sender  replies  means 
that  he  isn’t  a  spammer  operating  out  of  a  temporary 
account, so  the  message  is  then  released. 

While  this  doesn’t  catch  the  spam  from  clueless 
companies  that  buy  junk  e-mail  lists  to  “build”  busi¬ 
ness,  it  surprisingly  appears  to  block  maybe  90%  of 
spam!  I’m  currently  testing  Source  Authentication 
Small  Business  Edition  from  Block  All  Spam,  Inc. 

Next  week:  The  management  viewpoint.  Comment 
with  authentication  at  backspin@gibbs.com. 
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ByAdamGaffin 

SoAnnoying 

Here  at  Network  World,  we  practice  what 
we  preach  when  it  comes  to  security  —  so 
I  wasn’t  too  concerned  last  week  about  the  newest  SoBig  variant. 

What  proved  to  be  really  annoying,  however,  were  the  47  gazillion  automated 
messages  I  got  from  virus  scanners  at  other  companies  saying  I’m  a  low-life  scum 
who  had  attempted  to  send  a  virus-infected  message  to  one  of  their  employees. 

This  sort  of  thing  might  have  been  almost  useful  a  few  years  ago,  back  before 
virus  writers  realized  how  much  fun  they  could  have  with  the  Microsoft  Outlook 
address  book.  But  these  days,  the  messages  clog  in-boxes  and  confuse  end  users, 
because  there  typically  is  no  relationship  between  the  sender  of  an  infected  mes¬ 
sage  and  the  person  whose  address  is  in  the  "from”  field.  So  anti-virus  vendors: 
Instead  of  sending  out  press  releases  every  15  minutes  about  how  your  product  is 
faster  than  a  speeding  virus,  could  you  maybe  turn  this  "feature"  off? 

One  cool  thing  that’s  come  out  of  all  this  is  that  peer-to-peer  anti-spam  sys¬ 
tems  work.  I  subscribe  to  Cloudmark’s  SpamNet,  which  works  in  part  by  a  feed¬ 
back  mechanism  through  which  other  subscribers  report  spam.  By  Tuesday  after¬ 
noon,  I  noticed  my  spam  folder  was  filling  up  with  SoBig-generated  messages, 
because  SpamNet  was  marking  them  as  spam. 

Meanwhile,  Kevin  Werbach  reported  (see  www.nwfusion.com,  DocFinder:  7353) 
similar  success  with  SpamAssassin  and  some  hand-coded  rules,  but  added  that 
1,470  SoBig-related  messages  (as  of  lastTuesday)  is  just  too  much: 

"We  have  to  confront  the  reality:  Either  e-mail  is  broken,  Microsoft’s  e-mail 
software  is  broken,  or  those  two  statements  are  the  same _ “ 

SoMousepad 

As  we  here  in  Fusionland  watched  our  in-boxes  fill  up  last  week,  we  got  to 
thinking,  "Hmm,  there’s  a  contest  in  here.”  Yeah,  we  need  to  cut  down  on  the  caf¬ 


feine  consumption.  In  any  case,  welcome  to  the  official  Network  World  Fusion 
2003  Stupid  Sobig  competition. 

The  rules  are  simple:  Send  us,  by  12:01  a.m.  (EDT)  Aug.  28,  the  number  of 
SoBig-related  messages  that  have  come  into  your  mail  account.  We  know  that 
faithful  Network  World  readers  just  love  tallying  up  stuff  like  that.  Send  us,  by  the 
same  deadline,  your  best  or  worst  SoBig-related  story,  anecdote  or  comment. 

The  winner  in  each  category  will  get  a  Fusion  mousepad.  Not  available  in  any 
stores,  these  increasingly  valuable  collector's  items  will  make  you  the  envy  of  the 
cube  farm.  Entries  can  be  sent  to  agaffin@nww.com. 

Monitoring  employees  in  the  name  of  science 

“The  Cost  of  E-mail  Interruption”  is  an  interesting  paper  that  attempts  to  gauge 
the  impact  of  answering  e-mail  on  worker  productivity.  As  interesting  as  the  con¬ 
clusions  (that  people  stop  what  they’re  doing  to  read  e-mail,  basically)  is  the 
detailed  description  of  how  the  researchers  collected  their  data: 

“It  was  important  that  the  Danwood  Group  employees  did  not  know  they  were 
being  monitored  as  this  could  have  affected  the  results  of  this  interrupt  study," 
the  authors  write.  So  the  researchers  used  WinVNC  —  after  modifying  the  client 
to  remove  its  telltale  system-tray  icon  —  and  then  had  to  convince  management 
that  it  shouldn't  get  copies  of  all  the  recorded  information. 

"This  concept  is  a  hard  one  to  accept  for  many  managers, "the  authors  say. They 
reason  that  they  could  use  the  data  to  do  some  aspects  of  their  work  more  effec¬ 
tively,  such  as  targeting  promotion,  or  even  firing.Their  company  has  paid  to  have 
the  data  collected,  so  why  shouldn’t  it  be  made  available  to  them?  However,  if  the 
individual  confidentiality  had  been  compromised,  the  data  used  against  even  one 
individual  would  have  brought  the  entire  data  collection  scheme  to  an  abrupt  halt.” 

You  can  read  the  paper  at  DocFinder  7354. 

Read  Adam  Gaffin's  Compendium  every  day  at  DocFinder:  7355.  He  can  be 
reached  at  agaffin@nww.com. 


Router  with 
firewall,  VPN  and 
T1  DSU/CSU 


The  NetVanta  3305  from  ADTRAN. 


Dare  to  Compare! 

NetVanta 

3305 

Indust  ry-Leading 
Brand 

Stateful  Inspection  Firewall 

✓ 

$$$ 

Dual  Network  Interfaces 

✓ 

$$$ 

Dual  Ethernet  Interfaces 

✓ 

$s$ 

Command  Line  Interface  (CLI) 

✓ 

✓ 

Unlimited  Telephone  Support 

✓ 

$$$ 

Free  Maintenance  Releases 

✓ 

Not  Available 

Virtual  Private  Networking 

$ 

$$$ 

Dial  Backup 

$ 

sss 

PBX  Connectivity 

s 

$$$$$ 

Warranty 

5  Year 

1  Year 

Uncompromising  quality.  Affordable  price.  There's  no  better  value 
in  access  routers  than  the  NetVanta  3000  Series  from  ADTRAN. 


For  some  time  now,  you’ve  been  buying  access  routers  a 
certain  way.  Perhaps  without  giving  it  a  second  thought. 

Now  there’s  good  reason  to  look  around — the  NetVanta  3000 
Series  from  ADTRAN.  These  routers  do  the  same  work  as 
other  brand  name  routers,  at  a  cost  that’s  up  to  55  percent 
less.  Designed  with  a  familiar  CLI,  NetVanta  3000  Series  routers 
fit  seamlessly  into  existing  operations.  No  costly  training  or 
recertification.  Built  to  ADTRAN  quality  standards,  this 
low-cost  alternative  is  backed  by  a  5-year  warranty  and 

free  pre-  and  post-sales  telephone  technical  support. 

: 

Why  pay  mom? 


Take  the  CLI  Challenge!  Receive  a  free  T-Shirt! 

www.  a  dt  ran.  com/in  fo/whypaymore 


877.767.6022  Technical  Questions 
877.280.8416  Where  to  Buy 


New  Technology 

Awards.  n» 


Experts  choose  ADTRANI" 
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HOT-SWAPPABLE  REDUNDANT 
AC/DC  POWER  SUPPLIES 


INDUSTRY  LEADING 

Ironware™  software 

-EXTENSIVE  L2/3  FEATURE  SET 
-INDUSTRY  STANDARD  SNMP, 
WEB,  AND  CLI  INTERFACES 


TH 


LAYER  3  UPGRADEABLE 
-COMPREHENSIVE 
MULTIPROTOCOL  ROUTING 
-SCALABLE  MULTICAST  SUPPORT 


GIGABIT  ETHERNET  UPLINKS 
-MINI-GBICS 
-TOOOBASE-T 
UPLINKS  INCLUDED 


VOIP  CONVERGENCE  READY 


IRONSHIELD  security 
-IEEE  BD2.1X,  SSH, 

AND  EXTENDED  ACL 
-MAC-LAYER  PORT  LOCKING 
AND  DOS  PROTECTION 


ASIC-BASED  JETSCOPE/sFLOW 
-WIRE-SPEED  TRAFFIC 
MON  ITO  RING/ANALYSIS 
-INDUSTRY  STANDARD 
SUPPORT  (RFC  3176) 


Your  competitive  edge. 


Fastlron  Edge  Switches  let  you  do  more  with  less.  Compact  form.  Immense  capabilities. 
Fastlron  Edge  Stackables  pack  more  power  into  your  wiring  closet  than  any  other  switch.  They  give  you 
tunable  functionality,  configurable  security,  and  simplified  management.  The  96-port  model  has  twice 
the  port  density  of  the  nearest  competitor.  With  a  common  user  interface,  standard-based  network 
management  support,  redundant  and  hot-swappable  power  supplies,  and  a  common  software  suite,  the 
Fastlron  Edge  switches  give  you  the  lowest  total  cost  of  ownership  and  the  highest  investment  value  of 
all  the  major  switches.  Get  a  competitive  edge — get  a  Fastlron  Edge  Switch.  Call  1 .888.TURBO  LAN 
(887-2652)  or  www.foundrynetworks.com/fes. 
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